PCI DSS (Payment Card Industry Data Security Standard) is a pragmatic set of best practices and security measures that any organization must follow if they accept and handle cardholder data online. The standard encompasses network security, data protection, data encryption, system security, access control, ongoing monitoring and testing and security policy development.
The PCI DSS standard requires organizations to develop policies and implement measures to ensure the secure management of credit card data and to impose controlled access to the networks over which customers’ card information is sent. Compliance with PCI DSS is mandatory for organizations that process credit card transactions online. Organizations who wish to achieve Merchant ID status must demonstrate a base level of compliance and are subject to regular audits.