PCICompliancelogoLet’s get started with what PCI actually is.  PCI stands for Payment Card Industry, which is often termed simply “the Council.”  PCI is a global forum that was launched in 2006 to develop, maintain and manage PCI Standards, which include the Data Security Standard (DSS), Payment Application Data Security Standard (PA-DSS), and PIN Transaction Security (PTS) Requirements.

The standards cover point-of-card entry data into the system, how the data is processed, and the secure payment application.  PCI seeks to protect and educate industry players such as merchants, cardholders, processors, financial institutions, and any other organizations that store, process, and transmit cardholder data, around the world.

The Council educates stakeholders about PCI Security Standards, operates programs to train and qualify security professionals, and performs risk-assessment and compliance achievement with PCI Security Standards.  PCI also promotes awareness of payment data security to the public.

The Council’s five founding global payment brands – American Express, Discover Financial Services, JCB International, MasterCard Worldwide, and Visa Inc. – have incorporated the PCI DSS as the technical requirements for their data security compliance programs.

Each founding member recognizes Qualified Security Assessors and Approved Scanning Vendors as being qualified to validate compliance to the PCI DSS.  This makes the Council a centralized resource for access to standards and services approved by all five payment brands.

Watch the following short video to learn the importance of PCI’s Data Security Standards. It tells the story of a small business owner that nearly lost her business because they were not complying with standards.

Compliance is an ongoing process, which helps to prevent security breaches and theft of payment card data today and moving forward.  The PCI Security Standards Council is constantly working to monitor threats as data compromise becomes more sophisticated.  They are constantly working to improve PCI Security Standards by training security professionals.

When you stay compliant, you are part of the bigger solution. If you have any questions or concerns regarding PCI Compliance, please contact your merchant service provider or contact us.