PCI Security Standards Council
We strengthen global payment security with payment security standards and resources that are:
Payment Security Standards and Resources
PCI SSC standards and resources help protect the people, processes, and technologies across the payment ecosystem to help secure payments worldwide.
We Help Secure Payments By:
Our standards and resources are powered with feedback from the industry. This input is crucial to reflect industry needs and challenges and continue to keep global payments safe.
Through Participation with the Council Stakeholders Can:
Staying ahead of threats is key. Our standards and resources are developed considering both emerging and established payment technologies and threats.
By Focusing on the Future, We:
The Council facilitates industry knowledge sharing to help protect global payments.
The Council Fosters Industry Collaboration Through:
Broad industry participation is critical to the Council’s mission to help secure payment data globally.
Join the Council today through one of our many participation avenues:
PCI SSC Organizational Structure
Day-to-day management of the Council’s activities is led by the PCI SSC Leadership Team, which reports to the Executive Committee.
Board of Advisors
The Board of Advisors represents PCI SSC Participating Organizations worldwide to ensure global industry involvement in the development of PCI Security Standards. As strategic partners, they bring market, geographical and technical insight into PCI SSC plans and projects.
Who Follows PCI Standards?
The PCI Data Security Standard (PCI DSS) and other applicable PCI Standards are intended for entities that store, process or transmit payment account data, entities accepting or processing payment transactions, and for developers and manufacturers of software and devices used in those transactions.
Does the PCI Security Standards Council enforce compliance?
No. The Council’s role is to develop and maintain standards. We do not monitor the implementation of standards. Whether an entity is required to comply with or validate compliance to a PCI SSC standard is at the discretion of organizations that manage compliance programs, such as a payment brand, acquirer, or other entity. Visit the FAQ page for more information.