Payment Card Industry
The Payment Card Industry Data Security Standard (PCI DSS) is a set of security standards that businesses must follow to protect customer credit card information. PCI DSS was created by the Payment Card Industry Security Standards Council (PCI SSC), which is a consortium of payment card companies including Visa, MasterCard, American Express, and Discover.
What is PCI DSS?
PCI DSS is a set of 12 requirements that businesses must meet to protect customer credit card information. These requirements include:
- Building and maintaining a secure network
- Protecting cardholder data
- Maintaining a vulnerability management program
- Implementing strong access control measures
- Regularly monitoring and testing networks
- Maintaining an information security policy
- Training employees on PCI DSS
- Using encryption to protect cardholder data
- Restricting access to cardholder data
- Tracking and monitoring all access to cardholder data
- Performing regular security audits
- Reporting any security breaches to the PCI SSC