PCI stands for the Payment Card Industry. The Payment Card Industry Security Standards Council (the PCI SSC) was the organization formed by the Brands (Visa, MasterCard, Discover, American Express, and JCB) to create a set of minimum security standards to ensure the safe handling of credit card data. That minimum set of security standards is called the Payment Card Industry Data Security Standards – PCI DSS. These standards must be adhered to by all merchants and anyone who collects, transmits, processes OR stores sensitive credit card information on behalf of merchants.
All merchants are required to be compliant with the PCI DSS annually. This includes merchants whose credit card processing is handled entirely by a 3rd party (also known as a Service Provider).
PCI is not a governments' passed law – but if a merchant wants to process credit cards as a convenience to their customers, failure to abide by PCI and the Brands regulations can directly impact the merchant’s ability to do so - and have a very real impact to their business as a result.
Through the links located to the right, Sage Payment Solutions has set aside a portion of our website to educate and empower our merchants to understand how PCI impacts them, why we (their Credit Card Processor) must enforce PCI compliance, and why it is in both of our interests (the merchant and Credit Card Processor) to ensure anyone who touches credit card data is not only compliant – but stays compliant with the PCI DSS.