The PCI DSS User Group
+44 (0) 20 7307 5001 or email us to find out more...

Events

Full details of next User Group meeting here.

Contact

Find out more about joining the group here.


In the News

Search Security join the PCI User Group


The PCI Data Security Standard

The PCI Data Security Standard is a set of comprehensive requirements for enhancing payment account data security. It was developed by the founding payment brands of the PCI Security Standards Council, including Visa, MasterCard, American Express, Discover Financial Services and JCB, to help facilitate the broad adoption of consistent data security measures on a global basis.

The PCI DSS includes requirements for security management, policies, procedures, network architecture, software design and other critical protective measures. This comprehensive standard is intended to help organisations proactively protect customer account data.

The number of transactions taken annually dictates the level of compliance needed. Merchant levels range from 1 to 4: level 1 requires quarterly scans and a full annual audit, while level 4 requires an annual scan and a self-complete form to be submitted.

There are 12 requirements within the PCI Data Security Standard regulations which apply to all levels of merchant. These fall under six main headings:

  • Build and maintain a secure network
  • Protect cardholder data
  • Maintain a vulnerability management program
  • Implement strong access control measures
  • Restrict physical access to cardholder data
  • Regularly test security systems and processes

Further details of the exact requirements can be found using the following links:

The PCI Security Standards Council - a link to the founding payment brands' site

