Payment Card Industry Data Security Standards

“PCI-DSS” refers to the Payment Card Industry Data Security Standards, which is a set of security standards developed by the major credit card companies. Every merchant that takes credit cards is subject to PCI-DSS through the agreement it has with its credit card processor. Under such processing agreements, the merchant agrees to comply with PCI-DSS and acknowledges that the processor may conduct audits to assess compliance (such audit requests are often triggered by a data breach). Non-compliance may result in fines or ultimately in the revoking of the merchant’s ability to take credit cards for payment.