DIGEST OF INTRODUCED BILL
Prohibiting retention of certain access device data. Prohibits a person that accepts an access device card, such as a credit card, debit card, or stored value card, in connection with a transaction, from retaining the card security code, the PIN verification code number, or the full contents of the information contained in the magnetic stripe or microprocessor chip of the access device: (1) after authorization of the transaction if the transaction is not a PIN debit transaction; or (2) more than 48 hours after authorization of the transaction if the transaction is a PIN debit transaction. Provides that a person violates this prohibition if the person's service provider retains the information. Requires a person that violates the prohibition to reimburse a state or federally chartered or federally insured financial institution for the costs associated with a breach of the security of a system of the person or the person's service provider.