Wednesday, October 20, 2010

PCI

PCI DSS (Payment Card Industry Data Security Standard) is a worldwide information security standard defined by the Payment Card Industry Security Standards Council. The standard was created to help organizations that process credit card transactions minimize fraud. The standard applies to all organizations which process or exchange cardholder information.


The PCI Security Standards Council continues to develop the PCI DSS as needed to ensure that the standard includes any new or modified requirements necessary to remove all security risks. Changes to the standard follow a defined 36-month lifecycle with eight stages, described below.

Stage 1: Standards Published

Stage 2: Standards Effective

Stage 3: Market Implementation

Stage 4: Feedback Begins

Stage 5: Old Standards Retired

Stage 6: Feedback Review

Stage 7: Draft Revisions

Stage 8: Final Review

Each of the stages varies in length with a total of 36 months. Retailers need to be proactive when it comes to PCI and credit card security risks. You can find the most up-to-date PCI information at https://www.pcisecuritystandards.org/index.shtml.