controlgap.com

The adoption of 8-digit BINs in 2022 has already created many transitional challenges for organizations needing access to the full BIN numbers (see 8-Digit BINs are Just Around the Corner). For entities that must comply with PCI DSS and need access to the full BIN, there are well documented issues with masking, truncation, and DSS scope. Many organizations will focus on their data-at-rest. However, don't overlook the PCI implications of data-in-transit as well.

Update: In December 2021, the PCI DSS truncation rules were changed to mitigated many issues identified in this article, for more details please see https://controlgap.com/blog/8-Digit-BINs-Great-PCI-Truncation-Reset

If your business processes or stores the full-BIN, you need to know if you will be impacted by Visa's Numerics Initiative (i.e., the 8-Digit BIN expansion mandate)....