The PCI DSS (Payment Card Industry Data Security Standard) is a set of standards that are put in place to ensure that all companies accept, process, store, and/ or transmit cardholder data (i.e., credit card information) in the safest possible manner. The PCI DSS is run by the PCI Security Standards Council, which is an independent body founded by the five largest credit card companies. According to Verizon’s PCI DSS Compliance Report, 80% of organizations are still non-compliant. That’s a large number of businesses still at risk of a breach.
How did it get started?
The PCI Council started the initiative in 2006 to improve the security of payment transactions. The five credit card companies that comprise the PCI Council believe that sellers and organizations that accept credit cards are responsible for the security of those transactions. This is why it is crucial that preventative measures are set in place to stop the theft of cardholder data. PCI compliance is crucial for a number of reasons.