The Payment Card Industry Data Security Standard was developed by the major credit card companies as a guideline to help organizations that process card payments. The goal of this guidance is to prevent credit card fraud, hacking, and other security issues. Any company that processes, stores, or transmits credit card numbers must follow the PCI DSS guidelines or risk losing the ability to process credit card payments. Merchants and service providers regularly demonstrate their compliance by participating in an audit with a PCI DSS Qualified Security Assessor (QSA).
Where does PCI DSS apply?
PCI DSS guidelines apply to any department that processes credit cards for payment of services.