Overview

The Payment Card Industry Data Security Standard (PCI DSS) is a set of security standards formed in 2004 by Visa, MasterCard, Discover Financial Services, JCB International, and American Express. It is managed by the PCI Security Standards Council (PCI SSC).

Core Requirements

  1. Install and maintain a firewall configuration to protect cardholder data.
  2. Do not use vendor-supplied defaults for system passwords and other security parameters.
  3. Protect stored cardholder data.
  4. Encrypt transmission of cardholder data across open, public networks.
  5. Use and regularly update anti-virus software.
  6. Develop and maintain secure systems and applications.

Compliance Levels

Organizations are categorized into levels based on their transaction volume, with different requirements for auditing and reporting.
