Payment Card Industry Security Standards Council
The Payment Card Industry Security Standards Council (PCI SSC) is an independent organization that develops and maintains global security standards for the payment card industry. These standards ensure that businesses that process, store, or transmit cardholder data maintain a secure environment, protect cardholders’ personal information, and prevent fraud and data breaches.
What does Payment Card Industry Security Standards Council mean?
The Payment Card Industry Security Standards Council (PCI SSC) is a global forum that develops and maintains security standards for payment card data. Its mission is to protect payment card data by ensuring that organizations that process, store, or transmit payment card data follow best practices and maintain a secure environment.
The PCI SSC’s mission is to:
- Develop, maintain, and promote payment card industry security standards
- Assist organizations in implementing and maintaining secure payment card data environments
- Foster a community of stakeholders committed to protecting payment card data
The PCI SSC does not enforce the standards but provides resources and support to organizations to help them meet the standards. Compliance is voluntary; however, many organizations are required to comply with the standards by their acquirers or payment processors.
Applications
The PCI SSC’s standards are used by organizations worldwide to protect payment card data. The standards cover a wide range of topics, including:
- Data security
- Network security
- Vulnerability management
- Incident response
- Cardholder data protection
The PCI SSC’s standards are essential for protecting payment card data because they provide a comprehensive set of best practices that organizations can follow to minimize the risk of a data breach. The standards are constantly updated to address the latest threats and vulnerabilities, and organizations that follow the standards can be confident that they are taking the necessary steps to protect payment card data.
History
The PCI SSC was founded in 2006 by American Express, Discover Financial Services, JCB International, MasterCard, and Visa. The Council was created in response to the growing number of data breaches that were occurring at the time. The goal of the Council was to develop and maintain security standards that would help organizations protect payment card data.
The PCI SSC has since developed a number of standards, including the Payment Card Industry Data Security Standard (PCI DSS), the Payment Card Industry Payment Application Data Security Standard (PCI PA-DSS), and the Payment Card Industry Cardholder Data Environmental Security Standard (PCI CDE-DSS). These standards are widely used by organizations worldwide to protect payment card data.
The PCI SSC has also developed a number of resources and programs to help organizations implement and maintain secure payment card data environments. These resources include the PCI SSC Knowledge Base, the PCI SSC Information Security Officer (ISO) program, and the PCI SSC Security Awareness Training program.