Payment Card Industry Data Security Standards

The Payment Card Industry Data Security Standard (PCI DSS) is a framework of 12 requirements, both technical and operational, created by the credit card brands in an effort to protect cardholder data and processes, and ultimately reduce the risk of credit card fraud and data breaches.

The standards apply to all entities that store, process or transmit cardholder data – with guidance for software developers and manufacturers of applications and devices used in those transactions.  PCI DSS is managed by the PCI Security Standards Council (PCI SSC) and is enforced by the founding members of the council, American Express, Discover Financial Services, JCB International, MasterCard Worldwide and Visa Inc.
   
PCI DSS has 12 requirements grouped into 6 subject areas.
 
If you have any questions or concerns regarding your role with the PCI program, or need assistance determining the compliance relevance of any operational process within your respective area or business unit, please direct your inquiries to:

Treasury Operations

UMIT PCI Team