It didn’t take long for debit and credit cards to take over as the main payment method for consumers—a trend that spiked as e-commerce grew and online purchases became the norm. This change in culture brought a need for new regulations: a way to ensure that consumer data is protected worldwide.

Recognizing this need, the payment card industry developed a set of minimum standards known as PCI-DSS, or Payment Card Industry Data Security Standards. At its core are 12 requirements that banks, credit card companies, payment processors, and merchants must follow.

But what, specifically, does PCI-DSS cover, and which businesses are required to be in compliance? Are all businesses, regardless of size, under obligation to be in compliance? How often do businesses have to renew?

These are just some of the questions organizations have to answer when they are in the payment industry. Thankfully, our friends at BluePay.com compiled a guide detailing some FAQs and myths regarding compliance that small businesses will find especially useful. Check it out below and feel free to share!

Justin Bonnema

Lead Writer at SAC