PCI Compliance (Payment Card Industry Compliance)

PCI compliance refers to adhering to the Payment Card Industry Data Security Standard (PCI DSS) — a global framework designed to protect cardholder data and ensure secure payment processing.

It applies to any business that stores, processes, or transmits card information, whether online or in person. Compliance requirements vary by transaction volume and include controls for network security, encryption, access management, and regular testing.

Failure to maintain PCI compliance can lead to fines, higher processing fees, or loss of the ability to accept card payments.

Example:

A UK e-commerce business using a payment gateway must ensure that all stored card data is encrypted, staff follow secure handling procedures, and quarterly vulnerability scans are performed — meeting PCI DSS standards.

Used in:

Card acquiring, e-commerce, payment processing, and merchant security governance.