What is PCI DSS?

Definition: The Payment Card Industry Data Security Standard (PCI DSS) is a set of policies and procedures developed by the Payment Card Industry to improve the security of credit, debit, and cash card transactions and protect cardholders from identity theft.


Payment Card Industry Data Security Standard explained

The PCI DSS was created in 2004 by Visa, MasterCard, Discover, and American Express, four major credit card companies, and is administered by the Payment Card Security Standards Council.

The PCI Data Security Standard outlines twelve compliance requirements that are grouped into six logically related groups known as "control objectives." The six groups are as follows:

  • Build and Maintain a Secure Network and Systems
  • Protect Cardholder Data
  • Maintain a Vulnerability Management Program
  • Implement Strong Access Control Measures
  • Regularly Monitor and Test Networks
  • Maintain an Information Security Policy

Any organization that stores, processes or transmits credit card information must secure payment card data in accordance with PCI standards. This means that any merchant or service provider that handles cardholder data must comply:

  • Merchants accept debit or credit card payments for goods or services. Note that the PCI DSS applies to merchants even if they have subcontracted their payment card processing to a third party.
  • Service providers are directly involved in processing, storing or transmitting cardholder data on behalf of another entity.

Some organizations can act as both merchants and service providers. For example, an organization that provides data processing services for other merchants will also be a merchant if it accepts card payments.

Becoming PCI DSS compliant depends on the complexity of an organization's payments environment and the data security measures already in place. Each organization needs to be assessed on an individual basis.

Payment security is essential for every organization that handles card data.


