Stampa Stampa
Dimensione testo Aumenta dimensione carattereDiminuisce dimensione carattereReimposta dimensione carattere

What Is the PCI Security Standards Council?

The Payment Card Industry Security Standards Council, or PCI SSC – often termed simply “the Council” – is an open global forum, launched in 2006, that develops, maintains and manages the PCI Security Standards, which include the Data Security Standard (DSS), Payment Application Data Security Standard (PA-DSS), and PIN Transaction Security (PTS) Requirements.

Our standards cover everything from the point of entry of card data into a system, to how the data is processed, through secure payment applications. We seek to protect and educate industry players such as merchants, processors, financial institutions, and any other organizations that store, process, and transmit cardholder data, around the world.

The Council works to educate stakeholders about the PCI Security Standards, operates programs to train and qualify security professionals in assessing and achieving compliance with PCI Security Standards, and promotes awareness of the need for payment data security to the public.

The Council’s five founding global payment brands -- American Express, Discover Financial Services, JCB International, MasterCard Worldwide, and Visa Inc. – have incorporated the PCI DSS as the technical requirements for their data security compliance programs. Each founding member also recognizes the practitioners and companies – Qualified Security Assessors and Approved Scanning Vendors -- certified by the PCI Security Standards Council as being qualified to validate compliance to the PCI DSS, making the Council a centralized resource for access to standards and services approved by all five payment brands.

Finally, there is an important differentiator that merchants should know about. The Council does NOT validate or enforce any organization’s compliance with its PCI Security Standards, nor does it impose penalties for non-compliance. These areas are governed by the payment brands and their partners. If you, as a merchant, have questions about requirements for compliance with any PCI Security Standard, deadlines for or reporting of compliance, only the payment brands can supply the answers, not the Council. Start with these links:


Inizio pagina

L’ente responsabile degli standard di protezione PCI (l’ “Ente responsabile”) mette a disposizione diversi strumenti, questionari, istruzioni, Domande frequenti (FAQ), risorse per la formazione ed altri materiali ed informazioni per offrire assistenza alle organizzazioni che cercano di ottenere la conformità ai suoi standard (gli “Standard”). Sono disponibili anche prodotti e servizi di terze parti, ma l'Ente responsabile non approva o raccomanda alcuno di tali prodotti o servizi, e consiglia a tutte le organizzazioni che cercano di ottenere la conformità di conoscere gli Standard ed i requisiti correlati prima di acquistare prodotti o servizi di terze parti. In conclusione, per ottenere la conformità è necessario soddisfare tutti i requisiti applicabili, indipendentemente da se e quali prodotti o servizi di terze parti siano utilizzati.
Powered By OneLink