Art. 4 (32) Payment Services Directive 2015/2366:

"Sensitive payment data" means

"data, including personalised security credentials which can be used to carry out fraud. For the activities of payment initiation service providers and account information service providers, the name of the account owner and the account number do not constitute sensitive payment data"