Payment card industry

The payment card industry (PCI) denotes the debit, credit, prepaid, e-purse, ATM, and POS cards and associated businesses.

The term is sometimes more specifically used to refer to the Payment Card Industry Security Standards Council, a council originally formed by American Express, Discover Financial Services, JCB, MasterCard Worldwide and Visa International on Sept. 7, 2006, with the goal of managing the ongoing evolution of the Payment Card Industry Data Security Standard. The council itself claims to be independent of the various card vendors that make up the council.

The PCI Council formed a body of security standards known as the PCI Data Security Standards, (PCI DSS), and these standards consist of 12 significant requirements including multiple sub-requirements which contain numerous directives against which businesses may measure their own payment card security policies, procedures and guidelines. By complying with qualified assessments (see QSA) of these standards, businesses can become accepted by the PCI Standards Council as compliant with the 12 requirements, and thus receive a compliance certification and a listing on the PCI Standards Council website. Compliance efforts and acceptance must be completed on a periodic basis. (See PCI DSS.)

When the acronym PCI is listed within job requirements, it most frequently refers the many disciplines of managing the PCI compliance effort within the applicable business entity.

The PCI Council compliance within any card handling business' security process can be considered part of inter-related disciplines of governance, risk, and compliance (GRCM), as well as part of information security.

Membership and Participation

Members of the PCI Security Standards Council currently consist of the five major payment brands: Visa, MasterCard, American Express, Discover, and JCB. The executives and management of the PCI SSC are also filled by employees of the aforementioned payment brands.

Interested parties can participate in the development of the PCI security standards through registration as a Participatory Organization. These participants are organized into Special Interest Groups which are tasked with recommending revisions to and the further development of the various security standards maintained by the council.

International payment schemes

Regional and National Payment Schemes

Interac Association

The Interac Association is Canada's national organization linking Financial Institutions and enterprises that have proprietary networks, to enable communication with each other for the purpose of exchanging electronic financial transactions. The Association was founded in 1984 by the big five banks. Today, there are over 80 members. The Interac Association is the organization responsible for the development of Canada's national network of two shared electronic financial services: Shared Cash Dispensing (SCD) for cash withdrawals from any ABM not belonging to a cardholder's financial institution; and Interac Direct Payment (IDP) for Debit Card payments at the Point-of-Sale

See also

• Data Loss Prevention
• PCI DSS
• GRCM
• Card Payment Software Comparison
• Payment gateway
• Payoneer
• Payments as a platform
• Payment system
• Payment processor
• Prepayment for service
• Payment service provider

External links

Payment card industry

• PCI Security Standards Council, the organization responsible for the development, enhancement, storage, dissemination and implementation of security standards for account data protection.
• The European Payment Council (EPC) is the decision-making and coordination body of the European banking industry in relation to payments.
• PCI Security Standards Council Participating Organizations

EMV

• EMVCo, the organisation responsible for developing and maintaining the EMV standard
• Chip and PIN, site run by the UK Payments Administration (UKPA), the UK's central co-ordinating authority for the implementation of EMV
• Migration 2 Chip, The Migration 2 Chip Program