If you’re trying to figure out who needs to be PCI compliant, you’ve come to the right place. We understand that the topic of becoming PCI compliant can be complex and even yawn-inducing. But it is really important. So important, in fact, that your business success could hinge on it. After all, we’re all just one data breach away from a front-page headline.
If you’re asking the question, chances are you need to be PCI compliant. Don’t worry, though. We’ve synthesized the complex documentation and industry jargon so that you don’t have to.
Now that you know what PCI DSS compliance means, it’s time to learn which of the PCI standards apply to you.
PCI DSS applies to any organization that stores, processes, and/or transmits cardholder data. This is by far the largest set of standards. If your business accepts credit cards as a form of payment, PCI DSS applies to you.
A set of requirements focused on the protection of cardholder PINs. It is geared toward companies that make credit card terminals, PIN pads and card readers.
The PA-DSS is for software vendors and others who develop payment applications that store, process or transmit cardholder data and/or sensitive authentication data.
Organizations that implement, configure and support payment applications on behalf of merchants can participate in the QIR program. This program is geared toward VARs, dealers and solution providers that sell and install point-of-sale systems.