Who Needs to be PCI Compliant?

If you’re trying to figure out who needs to be PCI compliant, you’ve come to the right place. We understand that the topic of PCI compliance can be complex and even yawn-inducing. But it is really important. So important in fact, that your business success could hinge on it. After all, we’re all just one data breach away from a front-page headline.

Chances are that if you’re asking the question, you likely need to be PCI compliant. Don’t worry though. We’ve synthesized the complex documentation and industry jargon so that you don’t have to.

Now that you know what PCI DSS compliance means, it’s time to learn which of the PCI standards apply to you.

Business

PCI Data Security Standard (PCI DSS)

PCI DSS applies to any organization that stores, processes and/or transmits cardholder data. This is by far the largest set of standards. If your business accepts credit cards as a form of payment, PCI DSS applies to you. Learn More

Device Manufacturer

PIN Transaction Security (PTS) Requirements

A set of requirements focused on the protection of cardholder PINs. It is geared toward companies that make credit card terminals, PIN pads and card readers. Learn More

Software Vendor

Payment Application Data Security Standard (PA-DSS)

The PA-DSS is for software vendors and others who develop payment applications that store, process or transmit cardholder data and/or sensitive authentication data. Learn More

Value Added Reseller

Qualified Integrator and Reseller (QIR) Program

Organizations that implement, configure and support payment applications on behalf of merchants can participate in the QIR program. This program is geared toward VARs, dealers and solution providers that sell and install point-of-sale systems. Learn More