Payment Card Industry Data Security Standard
The Payment Card Industry Data Security Standard (PCI DSS) is a set of security standards designed to ensure that ALL companies that accept, process, store or transmit credit card information maintain a secure environment.
The Payment Card Industry Data Security Standard (often shortened to “PCI DSS” or just “PCI”), is a set of data security requirements established and governed by Visa®, MasterCard®, American Express®, and Discover® to protect cardholder account information.
Is it mandatory to be PCI compliant?
PCI-DSS is only mandatory if you are processing credit card data. … If your website or company are not PCI compliant, you run the risk of losing your merchant account, which means you won’t be able to accept credit card payments at all.
What does it mean to be PCI compliant?
The Payment Card Industry Data Security Standard (PCI DSS) applies to companies of any size that accept credit card payments. If your company intends to accept card payment, and store, process and transmit cardholder data, you need to host your data securely with a PCI compliant hosting provider.
Who Needs to be PCI Compliant?
The PCI DSS applies to any merchant or service provider that handles, processes, stores or transmits credit card data. For merchants, the PCI Security Standards Council has provided on-your-honor compliance validation tools in the form of Self Assessment Questionnaires (SAQ’s).