支付卡行业安全标准协会(PCI SSC)是一个开放的全球论坛,致力于账户数据安全标准的持续发展、完善、存储、普及与实施。
PCI安全标准协会的使命是:通过推动PCI安全标准的教育和普及,不断提升支付账户数据的安全性。该组织由American Express(美国运通)、Discover Financial Services(发现金融服务公司)、JCB International(JCB国际信用卡公司)、MasterCard(万事达卡国际组织)与Visa Inc(Visa公司)共同创建。查询进一步信息,请访问官方网站https://zh.pcisecuritystandards.org/minisite/en/。
The Payment Card Industry Security Standards Council, or PCI SSC – often termed simply “the Council” – is an open global forum, launched in 2006, that develops, maintains and manages the PCI Security Standards, which include the Data Security Standard (DSS), Payment Application Data Security Standard (PA-DSS), and PIN Transaction Security (PTS) Requirements.
Our standards cover everything from the point of entry of card data into a system, to how the data is processed, through secure payment applications. We seek to protect and educate industry players such as merchants, processors, financial institutions, and any other organizations that store, process, and transmit cardholder data, around the world.
The Council works to educate stakeholders about the PCI Security Standards, operates programs to train and qualify security professionals in assessing and achieving compliance with PCI Security Standards, and promotes awareness of the need for payment data security to the public.
The Council’s five founding global payment brands -- American Express, Discover Financial Services, JCB International, MasterCard, and Visa Inc. – have incorporated the PCI DSS as the technical requirements for their data security compliance programs. Each founding member also recognizes the practitioners and companies – Qualified Security Assessors and Approved Scanning Vendors -- certified by the PCI Security Standards Council as being qualified to validate compliance to the PCI DSS, making the Council a centralized resource for access to standards and services approved by all five payment brands.
Finally, there is an important differentiator that merchants should know about. The Council does NOT validate or enforce any organization’s compliance with its PCI Security Standards, nor does it impose penalties for non-compliance. These areas are governed by the payment brands and their partners. If you, as a merchant, have questions about requirements for compliance with any PCI Security Standard, deadlines for or reporting of compliance, only the payment brands can supply the answers, not the Council. Start with these links:
American Express: www.americanexpress.com/datasecurity
Discover Financial Services: http://www.discovernetwork.com/merchants/
JCB International: http://partner.jcbcard.com/security/jcbprogram/index.html
MasterCard: http://www.mastercard.com/sdp
Visa Inc: http://www.visa.com/cisp
Visa Europe: http://www.visaeurope.com/ais