Can I store CVV or PIN data using these patterns?

No. Under PCI DSS requirements, you are strictly prohibited from storing sensitive authentication data like CVV/CVC, PINs, or full magnetic stripe data after authorization, even if it is encrypted.

How does this skill help reduce PCI scope?

This skill provides patterns for tokenization and data minimization, guiding you to use third-party processors so sensitive card data never touches your servers, which significantly simplifies the compliance audit process.

What encryption standards does this skill use?

The skill implements industry-standard AES-256-GCM for data at rest and emphasizes the use of TLS 1.2 or higher for data in transit to meet modern security requirements.

What is PCI DSS compliance?

PCI DSS (Payment Card Industry Data Security Standard) is a set of security standards designed to ensure that all companies that accept, process, store, or transmit credit card information maintain a secure environment.

PCI DSS Compliance & Secure Payments

Name: PCI DSS Compliance & Secure Payments
Author: Activer007

byActiver007

0•

Soluciones de Comercio Electrónico

Implement and maintain PCI DSS compliance standards to ensure secure handling of payment card data and transaction systems.

This skill provides comprehensive guidance and code patterns for achieving and maintaining PCI DSS compliance within payment applications. It offers standardized implementations for cardholder data encryption at rest and in transit, secure tokenization strategies, and robust audit logging. Whether you are integrating third-party processors like Stripe or building custom payment vaults, this skill ensures your architecture minimizes compliance scope, implements strict access controls, and adheres to the 12 core PCI DSS requirements to protect sensitive financial data.

Características Principales

01AES-256-GCM encryption implementations for cardholder data at rest

02Comprehensive 12-point PCI DSS requirement implementation checklist

03Standardized PCI-compliant audit logging and role-based access control

040 GitHub stars

05Secure tokenization patterns for major payment processors like Stripe

06Automated data sanitization and Luhn algorithm validation for card numbers

Casos de Uso

01Implementing secure cardholder data vaults with encryption and masking

02Preparing for PCI DSS Self-Assessment Questionnaires (SAQ A through D)

03Reducing PCI compliance scope using hosted payment fields and tokenization

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add activer007/ordinary-claude-skills pci-compliance

For use in Claude.ai and ChatGPT

Download Skill