Payment card industry
The term is sometimes more specifically used to refer to the Payment Card Industry Security Standards Council, a council originally formed by American Express, Discover Financial Services, JCB, MasterCard Worldwide and Visa International on Sept. 7, 2006, with the goal of managing the ongoing evolution of the Payment Card Industry Data Security Standard. The council itself claims to be independent of the various card vendors that make up the council.
The PCI Council formed a body of security standards known as the PCI Data Security Standards, (PCI DSS), and these standards consist of 12 significant requirements including multiple sub-requirements which contain numerous directives against which businesses may measure their own payment card security policies, procedures and guidelines. By complying with qualified assessments (see QSA) of these standards, businesses can become accepted by the PCI Standards Council as compliant with the 12 requirements, and thus receive a compliance certification and a listing on the PCI Standards Council website. Compliance efforts and acceptance must be completed on a periodic basis. (See PCI DSS.)
When the acronym PCI is listed within job requirements, it most frequently refers the many disciplines of managing the PCI compliance effort within the applicable business entity.
The PCI Council compliance within any card handling business' security process can be considered part of inter-related disciplines of governance, risk, and compliance (GRCM), as well as part of information security.
Membership and Participation
Members of the PCI Security Standards Council currently consist of the five major payment brands: Visa, MasterCard, American Express, Discover, and JCB. The executives and management of the PCI SSC are also filled by employees of the aforementioned payment brands.
Interested parties can participate in the development of the PCI security standards through registration as a Participatory Organization. These participants are organized into Special Interest Groups which are tasked with recommending revisions to and the further development of the various security standards maintained by the council.
International payment schemes
|This section requires expansion. (January 2011)|
Regional and National Payment Schemes
The Interac Association is Canada's national organization linking Financial Institutions and enterprises that have proprietary networks, to enable communication with each other for the purpose of exchanging electronic financial transactions. The Association was founded in 1984 by the big five banks. Today, there are over 80 members. The Interac Association is the organization responsible for the development of Canada's national network of two shared electronic financial services: Shared Cash Dispensing (SCD) for cash withdrawals from any ABM not belonging to a cardholder's financial institution; and Interac Direct Payment (IDP) for Debit Card payments at the Point-of-Sale
Payment card industry
- PCI Security Standards Council, the organization responsible for the development, enhancement, storage, dissemination and implementation of security standards for account data protection.
- The European Payment Council (EPC) is the decision-making and coordination body of the European banking industry in relation to payments.
- Merchant Services Canada (MPS) is a Canadian merchant account processor.
- PCI Security Standards Council Participating Organizations
- EMVCo, the organization responsible for developing and maintaining the EMV standard
- Chip and PIN, site run by the UK Payments Administration (UKPA), the UK's central co-ordinating authority for the implementation of EMV