What is PCI?

What is PCI (and does it apply to me)?

The PCI Security Standards Council is a global forum for the ongoing development, enhancement, storage, dissemination and implementation of security standards for account data protection.

PCI Security Standards are technical and operational requirements set by the PCI Security Standards Council (PCI SSC) to protect cardholder data. The standards apply to all entities that store, process or transmit cardholder data – with requirements for software developers and manufacturers of applications and devices used in those transactions. The Council is responsible for managing the security standards, while compliance with the PCI set of standards is enforced by the founding members of the Council, American Express, Discover Financial Services, JCB, MasterCard and Visa Inc.

The Payment Card Industry Data Security Standard (PCI DSS) is a set of security standards designed to ensure that ALL entities that accept, process, store or transmit credit card information maintain a secure environment. It covers technical and operational system components included in or connected to cardholder data. If you accept or process payment cards, PCI DSS applies to you.

For more information on PCI, the PCI SSC, and PCI DSS, please see:

  1. https://www.pcicomplianceguide.org/pci-faqs-2/
  2. https://www.pcisecuritystandards.org/