Payment Card Industry – Data Security Standards
Share this page
The Payment Card Industry - Data Security Standards (PCI–DSS) were introduced in 2006 by the Security Standards Council of the Payments Card Industry to combat fraudulent use of payment (credit and debit) card details. All merchants accepting card payments need to demonstrate ongoing compliance. The standards are worldwide and cover security of the transmission, storage and processing of customer’s payment card details. These include:
- operational controls such as: restriction of authorised users, physical security of point-of-sale payment devices, secure retention and disposal of receipts, user education to prevent recording of card details;
- IT security controls such as: firewall settings, network configurations and access controls.