[Ixiaus]

I believe it is a violation to store the expiration date without encrypting it. I could be wrong, here is a link to PCI DSS standards documents.

[CoachRufus87]

hey could you send me that link again?

Edit: I looked up the document, TL;DR - you don't need to encrypt the cardholder name, service code, or expiration date unless you are also storing an associated primary account number.