Who We Serve
We serve those who work with and are associated with payment cards. This includes: merchants of all sizes, financial institutions, point-of-sale vendors, and hardware and software developers who create and operate the global infrastructure for processing payments.
What We Do
There are two priorities for our work:
- Helping merchants and financial institutions understand and implement standards for security policies, technologies and ongoing processes that protect their payment systems from breaches and theft of cardholder data.
- Helping vendors understand and implement standards for creating secure payment solutions.
“Over the course of several years now, the PCI Security Standards Council has done a laudable job at defining and evolving a cohesive set of standards, as well as at listening and adapting over time to the feedback from merchants, banks, payment processors, service providers, and technology providers.”
- Derek Brink, Vice President and Research Fellow, Aberdeen Group
From customers to merchants and financial institutions, the security of cardholder data affects everybody. Discover how securing cardholder data can help preserve customer trust, ensure compliance, and benefit your organization in the long term.
Get the details
The PCI Security Standards
Maintaining payment security is required for all entities that store, process or transmit cardholder data. Guidance for maintaining payment security is provided in PCI security standards. These set the technical and operational requirements for organizations accepting or processing payment transactions, and for software developers and manufacturers of applications and devices used in those transactions.
See the standards
How to Secure
Following guidance in the PCI Data Security Standard helps keep your cyber defenses primed against attacks aimed at stealing cardholder data.
Learn how to secure
Assessing the Security of Your Cardholder Data
Most small merchants can use a self-validation tool to assess their level of cardholder data security. The Self-Assessment Questionnaire includes a series of questions for each applicable PCI Data Security Standard requirement. There are different SAQs available for a variety of merchant environments.
Take the self assessment