What is PCI DSS?
The Payment Card Industry Data Security Standard is a globally recognized security framework maintained by the PCI Security Standards Council and supported by the major payment card brands to protect cardholder data and reduce payment card fraud. PCI DSS defines twelve core requirements covering areas including network security, access control, encryption, vulnerability management, monitoring, and information security policies. Organizations that process card payments, whether a global retailer or a small e-commerce business, must comply with PCI DSS and demonstrate compliance through self-assessments or third-party audits, depending on their transaction volume. Non-compliance can result in fines, increased transaction fees, and, in the event of a breach, significant liability for fraudulent charges.