The Payment Card Industry Data Security Standard (PCI DSS) is a set of data protection mandates developed by the major payment card companies and imposed on businesses that store, process, or transmit payment card data. As part of their contracts with the card companies, merchants and other businesses that handle card data may be subject to fines if they fail to meet the requirements of PCI DSS compliance. Since these requirements are complex, a high-level PCI compliance checklist can be helpful in providing an initial introduction to the PCI DSS. Some organizations may also find it useful to develop a detailed PCI compliance checklist to guide their implementation of the standards.
At a summary level, the PCI compliance checklist for merchants and other businesses that handle payment card data consists of 12 requirements mandated by the PCI DSS:
Businesses must assess their current compliance with these operational and cyber security requirements, remediate any vulnerabilities, and report their compliance status to the payment card companies that they work with. Medium and large merchants are also subject to a yearly audit by an independent assessor.
Akamai owns and operates the world's largest and most advanced web commerce acceleration network, helping ecommerce businesses provide high quality web experiences for their customers regardless of where those customers are or what type of web-connected device they use. The Akamai global network also offers built-in web security features that enable our ecommerce customers to more easily check off the items on their PCI compliance checklist: