SonicWALL PCI Compliance Solution Brief
The Payment Card Industry (PCI) Data Security Standard (DSS) applies to any organization that processes, transmits or stores payment card transactions or cardholder information. PCI applies not only to retailers but also to any business that accepts a single payment card transaction, no matter the size or industry. That includes government agencies, hospitals, schools, professionals who offer credit card payments, business-to-business companies, or nonprofits. It applies to transactions with credit cards, debit cards and “chip and PIN” cards, sometimes called smart cards.
PCI DSS consists of more than 200 individual control elements designed to secure the transmission, storage and processing of payment cardholder data. This data is often referred to as the Primary Account Number (PAN), which is the number identifying the card issuer and the cardholder account. These guidelines address the three Ps common to any compliance initiative: policies (adopted by merchants), people (who manage and monitor system controls), and products (that protect the PAN data).