| Payment Card Industry Data Security Standard | |
|---|---|
| CITATION | PCI DSS is available here |
| ENACTED | Launched 2006 |
| SUMMARY | The PCI DSS was developed by the PCI Council, an organization made up of the major card brands, to provide consistent, self-regulated data security for cardholder data processing, to encourage and enhance cardholder data security, and to facilitate the broad adoption of consistent data security measures globally. PCI DSS provides a baseline of technical and operational requirements designed to protect cardholder data, together with requirements for compliance reporting and business certification for processors of cardholder data. |
| DATA COVERED | Cardholder Data includes the Primary Account Number (PAN), Cardholder Name, Expiration Date and Service Code. It also includes Sensitive Authentication Data, which comprises: (1) full magnetic stripe data or the equivalent data on a chip; (2) CAV2/CVC2/CVV2/CID; and (3) PINs/PIN blocks. |
| INDUSTRY | PCI DSS applies to all entities involved in payment card processing, including merchants, processors, acquirers, issuers and service providers, as well as all other entities that store, process or transmit cardholder data. |
| PENALTIES | Fines and penalties are set by American Express, Discover Financial Services, JCB International, MasterCard Worldwide and Visa, Inc. Penalties include warnings, fines and the potential loss of the ability to process cards. Penalties vary depending on the size of the company involved and the number of times it has violated the requirements. The maximum penalty per calendar year for Level 1 and 2 merchants is twenty-five thousand dollars ($25,000) for the first violation, fifty thousand dollars ($50,000) for the second, one hundred thousand dollars ($100,000) for the third and two hundred thousand dollars ($200,000) for the fourth. Level 3 merchants can receive penalties ranging from ten thousand dollars ($10,000) for the first violation to eighty thousand dollars ($80,000) for the fourth. |