Payment Card Industry (PCI)

The Payment Card Industry (PCI) refers to the debit and credit card industry. It includes all entities that store, process, or transmit cardholder data, including the following:

  • merchants
  • processors
  • acquirers
  • issuers
  • service providers

The industry is governed by the PCI Security Standards Council, which sets the security standards for handling cardholder data. This council was formed by major card companies like Visa, MasterCard, American Express, Discover, and JCB. It is responsible for developing, maintaining, and managing the PCI standards.

All entities that handle cardholder data are required to comply with these standards, regardless of their size or the volume of transactions they process. This helps to ensure that cardholder data is protected throughout the transaction process, and reduces the risk of data breaches and fraud.

In addition to setting standards, the PCI Security Standards Council also provides resources and support to help entities achieve and maintain compliance. This includes providing training, certification, and testing resources.