(Payment Card Industry Data Security Standard) Security procedures from the PCI Security Standards Council for merchants that accept credit cards online. It includes guidelines for user authentication, firewalls, antivirus, encryption, truncating account numbers, programming maintenance and vulnerability testing.|
The primary issue is the handling of credit card numbers. To be PCI compliant, a merchant must encrypt card numbers before transmission over any network and must store them in a protected environment. For more information, visit www.pcisecuritystandards.org. See Qualified Security Assessor, Internal Security Assessor and Approved Scanning Vendor.