What Is PCI Compliance?
The Payment Card Industry (PCI) cybersecurity compliance standard exists to protect debit and credit cardholder data from unauthorized access via data breaches, ransomware, and other security breaches. The standard encompasses all of the IT and operational controls that organizations must implement to protect credit card data.
The Payment Card Industry Data Security Standard (PCI DSS) was created to address the proliferation of data breaches involving payment cards. It is enforced by the PCI Security Standards Council, an independent body created by major card brands Visa, American Express, MasterCard, Discover, and JCB.
PCI DSS control objectives and compliance requirements affect any business that handles payment processing, storage, or transmission of credit card data electronically, most often this is eCommerce and Retail businesses.