PCI DSS is the international Payment Card Industry Data Security Standard, used by Visa International, MasterCard Worldwide, American Express, JCB and Discover Financial Services.

PCI DSS and other payment card industry standards complement each other and define the minimum safety requirements for card transactions. Adhering to this standard is compulsory for all parties receiving, transmitting or storing card payment transactions.

PCI DSS in brief

• The standard guides the reception, processing, storage and transmission of payment card account and transaction data.
• Adhering to this standard is compulsory for all parties receiving, transmitting or storing card payment transactions, for example all merchants who accept payment cards and all service providers who process card transactions.
• Merchants who comply with the PCI DSS get protection from the card companies in case of data breach.
• These requirements apply to all system components, including all network components, servers and applications that are part of, or connected to, an environment that contains card holder information.
• The standard aims to keep card holders' account information safe under any circumstances and to ensure maximum data safety for all entities processing card information
• The standard is governed by the PCI Security Standards Council, an independent international body founded by card organisations.
• Card organisations apply the standard through their individual compliance programmes:
  • Visa Europe Payment System Risk (PSR)
    Formely known as Visa Europe Account Information Security (AIS) 
  • MasterCard Site Data Protection (SDP)