Payment Card Industry (PCI) Data Security Standard (DSS)

Established by the major payment brands, including American Express Co., Discover Financial Services, JCB International Co. Ltd., MasterCard Worldwide and Visa Inc., the PCI DSS is now managed by the PCI Security Standards Council.

The PCI DSS is designed to enhance payment account data security worldwide and consists of 12 requirements governing security management, policies, procedures, network architecture, software design and other areas critical to the protection of cardholder data.

Failure to adhere to the standard (by any party that handles card information, including merchants and ISOs) can result in hefty fines. Often shortened to PCI.