PCI DSS: What It Is, Why It Matters, and How SaaS Companies Should Think About It
A Little History Before PCI DSS, every credit card company had its own security program. Visa had CISP, Mastercard had SDP, Amex had DSOP — and it was a mess. Merchants didn’t know which rules to follow. Security was inconsistent. Fraud was exploding. In 2004, Visa, Mastercard, Amex, Discover, and JCB finally came together and said: enough. They formed the PCI Security Standards Council (PCI SSC) and created one standard: PCI DSS — the Payment Card Industry Data Security Standard. ...