About

The goal of this site is to provide a structured approach to PCI DSS Compliance. Let’s start with the obvious.

What exactly is PCI DSS ?

PCI DSS is a standard that includes over 250 mandatory  requirements and whose goal is to protect credit cardholder data.

The goal of PCI DSS is to protect cardholder data from theft or unauthorized disclosure. The primary goal of PCI DSS is not about compliance, its about security.

Why  does PCI Compliance exist ?

It was created because credit card industry sees value in protecting card information because of two reasons :

  • Fraud which means the payment card industry makes less money
  • Avoid users prefer alternative forms of payment and makes card brands less valuable

The credit card brands don’t care about merchants being compliant, they mainly care about the data from credit cardholders being protected.