PCI DSS stands for Payment Card Industry Data Security Standard. It’s a framework designed to protect the entire payment card value chain.
There are 12 requirements; an organization that meets them is considered PCI compliant.
| Goals | Requirements |
| --- | --- |
| Build and maintain a secure network & systems | Req. 1: Install & maintain a firewall configuration; Req. 2: Don’t use vendor-specified defaults for system passwords and other parameters |
| Protect cardholder data | Req. 3: Protect stored cardholder data; Req. 4: Encrypt transmission of cardholder data across open, public networks |
| Maintain a vulnerability management program | Req. 5: Protect all systems against malware and regularly update antivirus software or programs; Req. 6: Develop & maintain secure systems and applications |
| Implement strong access control measures | Req. 7: Restrict access to cardholder data by business need to know; Req. 8: Identify and authenticate access to system components; Req. 9: Restrict physical access to cardholder data |
| Regularly monitor and test networks | Req. 10: Track and monitor all access to network resources and cardholder data; Req. 11: Regularly test security systems and processes |
| Maintain an information security policy | Req. 12: Maintain a policy that addresses information security for all personnel |