Payment Card Industry Data Security Standard

The Payment Card Industry Data Security Standard (PCI DSS) is an information security standard used to handle credit cards from major card brands. The standard is administered by the Payment Card Industry Security Standards Council, and its use is mandated by the card brands. It was created to better control cardholder data and reduce credit card fraud. Validation of compliance is performed annually or quarterly with a method suited to the volume of transactions:^[1]

Self-assessment questionnaire (SAQ)
Firm-specific Internal Security Assessor (ISA)
External Qualified Security Assessor (QSA)

^ "Payment Card Industry (PCI) Data Security Standard Requirements and Security Assessment Procedures Version 3.2.1 May 2018" (PDF). PCI Security Standards Council, LLC. Archived (PDF) from the original on September 1, 2018. Retrieved September 4, 2018.

[PCI_DSS-1] "Payment Card Industry (PCI) Data Security Standard Requirements and Security Assessment Procedures Version 3.2.1 May 2018" (PDF). PCI Security Standards Council, LLC. Archived (PDF) from the original on September 1, 2018. Retrieved September 4, 2018.

[1]

Payment Card Industry Data Security Standard

From Wikipedia, the free encyclopedia · View on Wikipedia