The Payment Card Industry Data Security Standard (PCI DSS) is the standard that the major card brands, through the PCI Security Standards Council, created to secure cardholder data and to protect customers from fraud.
PCI DSS applies to any person or organization that stores, processes, or transmits cardholder data, for example merchants, payment processors, and software vendors whose products handle card data.
What does this mean for you?
This means that you must meet specific PCI DSS requirements to achieve a PCI DSS compliant status. For example:
- Assign a unique ID to each person who has access to systems that handle cardholder data, so that every action can be traced to an individual.
- Encrypt cardholder data whenever you transmit it across open, public networks (such as the Internet).
- Develop and maintain secure systems and software, including applying security patches promptly.
PCI DSS Compliance: To comply with PCI DSS, an organization that accepts, transmits, or stores cardholder data must meet the security requirements published by the PCI Security Standards Council and validate that it does so, typically through a Self-Assessment Questionnaire or an assessment by a Qualified Security Assessor, depending on its transaction volume.
Benefits of PCI DSS compliance
Complying with PCI DSS means that you:
- Avoid non-compliance fines.
- Improve your brand’s reputation.
- Protect cardholder data.
- Reduce the chance of data breaches.
Consequences of PCI DSS non-compliance
Not complying with PCI DSS means that you increase the risk of:
- Cardholder data breaches.
- Loss of sales and a tarnished brand image because of the bad reputation associated with PCI non-compliance.
- A ban on processing card transactions, because your acquiring bank can suspend or terminate your merchant account.
- Non-compliance fines, which the card brands levy on your acquiring bank and which the bank passes on to you; the amounts are set by the card brands, are typically charged monthly while you remain non-compliant, and can rise to several hundred thousand dollars in the event of a breach.
For more information about how to comply, go to our Secure Trust PCI Manager article.