Accepting online payments

Payment Card Industry Data Security Standard compliance

Guide

The Payment Card Industry Data Security Standard (PCI DSS) - is a worldwide security standard developed to protect cardholders' personal information. It includes requirements for security management, network architecture, software design, security policies and procedures, and other protection of customer account data. The standard is applicable to any organisation that stores, transmits or processes cardholder information.

Each of PCI (Security Standards Council’s (SSC) founding payment brand members (American Express, Discover, JCB International, MasterCard and Visa) currently have their own PCI compliance programs for the protection of their affiliated payment card account data. Entities should contact the payment brands directly for information about their compliance programs.

Questions regarding compliance requirements for payment card account data affiliated with other payment networks or brands should be referred to the applicable payment network or brand.

Failure to be annually certified can become an issue if you have a security breach and your customers' card details are stolen.