PCI stands for “The Payment Card Industry Data Security Standard” and is a worldwide information security standard developed by the Payment Card Industry Security Standards Council (PCI SSC).
The PCI DSS, a set of comprehensive requirements for enhancing payment account data security, was developed by the founding payment brands of the PCI Security Standards Council, including American Express, Discover Financial Services, JCB International, MasterCard Worldwide and Visa Inc. Inc. International, to help facilitate the broad adoption of consistent data security measures on a global basis.
The purpose for creating this standard was to assist businesses and organizations that process card payments in preventing credit card fraud through increased controls around data and its exposure to compromise. The PCI standard applies to all businesses and organizations which hold, process, or pass cardholder information from any card branded with the logo of one of the card brands.
The core of the PCI DSS is a group of principles and accompanying requirements, around which the specific elements of the DSS are organized:
Build and Maintain a Secure Network
Protect Cardholder Data
Maintain a Vulnerability Management Program
Implement Strong Access Control Measures
Regularly Monitor and Test Networks
Maintain an Information Security Policy
For Up to Date PCI Compliance Information and News
PCI Compliance.org provides the most current news and information on the way PCI DSS regulations affect credit companies, retailers, eCommerce web sites and those concerned with protecting data integrity under PCI DSS regulations.