What is ‘PCI-DSS’?
LAST UPDATED: May 2019
Payment Card Industry Data Security Standards (PCI-DSS) is a standard mandated by the major card networks (American Express, Discover Financial Services, JCB International, MasterCard, and Visa) and administered by the Payment Card Industry Security Standards Council (PCI SSC). PCI SSC is an independent body formed to develop, enhance, disseminate and assist with implementation of security standards for payment account security. PCI SSC has issued and continuously updates technical, administrative and organizational security requirements for financial institutions, merchants, software and hardware manufacturers, and service providers. The standard was created to increase controls around cardholder data to reduce card fraud.
All five card networks have agreed to incorporate PCI-DSS standards as technical requirements of their data security compliance programs and are responsible for enforcing compliance on all parties involved in a card payment transaction.
Background: How do card payments work?
Cash payments are simple. They are a physical direct transaction between a consumer and a merchant. When a consumer chooses a different method of payment — such as a credit, debit or gift card — the process gets complicated. To get paid, a merchant must have technology in place to accept the…