• PCI DSS stands for the Payment Card Industry Data Security Standard.
  • PCI DSS compliance is mandatory for any business that accepts credit and debit cards.
  • It is a set of technical and operational requirements set by the PCI Security Standards Council (SSC) to protect payment card data.
  • Merchants need to show to their acquiring banks or payment service providers that they are processing the payments in such a way that does not leave their business at risk of a data breach, in line with the PCI DSS Compliance Programs set out by the card schemes (VISA, Mastercard etc.).

Version 4.0 marks the first significant change to the standard in nearly a decade. It is a response to both changes in technology and the evolving threat landscape facing businesses today. It aims to better support businesses in their efforts to secure payment card data and improve security measures to protect against potential risks.