This site uses cookies to provide you with a more responsive and personalized service. By using this site you agree to our use of cookies. Please read our cookie notice for more information on the cookies we use and how to delete or block them.

Bookmark Email Print page

Payment card industry data security standard

Does your company store, process or transmit cardholder data?


All companies that store, process or transmit cardholder data now have to comply with PCI DSS (Payment Card Industry Data Security Standard) – regulation issued by Visa and MasterCard, but endorsed by AMEX and Diners also.

The standard applies to all IT systems and components, including servers, applications and databases throughout the transaction process. It also applies to the manual processes and procedures that are an integral part of any successful security and fraud management solution.

Non compliance may lead to a charge being levied by card issuers. Furthermore, if a company is non-compliant and cardholder data is compromised, this could result in the loss of the right to take credit card payments.

Material on this website is © 2014 Deloitte Global Services Limited, or a member firm of Deloitte Touche Tohmatsu Limited, or one of their affiliates. See Legal for copyright and other legal information.

Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee (“DTTL”), its network of member firms, and their related entities. DTTL and each of its member firms are legally separate and independent entities. DTTL (also referred to as “Deloitte Global”) does not provide services to clients. Please see “About Deloitte” for a more detailed description of DTTL and its member firms.

Get connected
Share your comments


More on Deloitte
Learn about our site