The Payment Card Industry Data Security Standard (PCI DSS) consists of security protocols set in place to make sure all companies accepting, processing, storing or transmitting card information operate in a safe and secure environment.
The Payment Card Industry Security Standards Council (PCI SSC) started on September 7th, 2006 to take-up incorporating changes to the PCI security protocols, with an aim to keep improving payment account security of the transaction process. The PCI SSC, consisting of major card networks (Visa, MasterCard, American Express, Discover and JCB) manages the PCI DSS.
Who does PCI DSS apply to?
The PCI DSS applies to any company; no matter where it’s located, its size, or the number of transactions it processes. If the company is involved in the payment process of accepting, transferring or storing card information, these rules apply. Failure to comply with the PCI DSS rules results in paying a fine to even losing permission to accept cards for your business.
Is PCI compliance necessary for debit card transactions?
Yes. Any credit, debit and prepaid cards that carry any of the five-card networks’ brands, namely Visa, MasterCard, American Express, Discover and JCB, require PCI compliance.