PCI DSS
PCI DSS (Payment Card Industry Data Security Standard) is a security standard established by the five major card networks (Visa, Mastercard, AMEX, Discover, JCB). It defines mandatory requirements for all companies that process, store, or transmit credit card data.
The standard comprises 12 main requirements in six areas: network security, data protection, vulnerability management, access control, monitoring, and security policies. Compliance is demonstrated through annual audits or self-assessment questionnaires (SAQs).
For most online merchants, using a PCI-DSS-certified PSP significantly reduces their own compliance effort: when card data is processed via a hosted checkout or a tokenised payment form, the sensitive data never directly touches the merchant's system.
PCI DSS examples
An online shop uses its PSP's hosted checkout. Card data is never stored on the shop server — the PCI-DSS compliance effort is minimal.
A large retailer processes card data within its own system and must pass an annual PCI-DSS audit by a Qualified Security Assessor (QSA).
A PSP tokenises card data: instead of the actual card number, a token is stored which is worthless to fraudsters.
PCI DSS FAQ
What is PCI DSS?
PCI DSS is the security standard of the credit card industry. It defines requirements for all companies that process, store or transmit credit card data — to protect against data loss and fraud.
Do I, as a merchant, need to comply with PCI DSS?
Yes, in principle, every business that accepts card payments must comply with PCI DSS. However, for most online merchants, the effort is greatly reduced if they use a PCI-DSS-certified PSP with hosted checkout.
What is tokenisation in the context of PCI DSS?
Tokenisation replaces the real card number with a token — a random value that is worthless to fraudsters. The token can be used for subsequent transactions without the need to store the real card details.
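As an added example (not code from this page or from any particular PSP), a minimal PSP-side token vault in Python; the names `TokenVault`, `luhn_ok`, `psp_response` and `demo` are assumptions, and the card number used in `demo` is a constructed test number, not a real card. It shows why a token is worthless on its own: it is drawn from the OS random generator rather than derived from the PAN, and the record handed back to the merchant holds only the token and the last four digits.

```python
import secrets


def luhn_ok(pan: str) -> bool:
    """Luhn checksum: rejects mistyped PANs before a token is ever issued."""
    total = 0
    for i, ch in enumerate(reversed(pan)):
        d = int(ch)
        if i % 2 == 1:                      # every second digit from the right is doubled
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0


class TokenVault:
    """PSP-side vault (hypothetical design): the only place the real PAN is kept."""

    def __init__(self) -> None:
        self._pan_by_token = {}             # token -> PAN, never leaves the PSP
        self._token_by_pan = {}             # PAN -> token, so a repeat card reuses one token

    def tokenise(self, pan: str) -> str:
        pan = pan.replace(" ", "")
        if not (pan.isdigit() and 12 <= len(pan) <= 19 and luhn_ok(pan)):
            raise ValueError("not a syntactically valid PAN")
        if pan in self._token_by_pan:
            return self._token_by_pan[pan]
        # 128 random bits from the OS CSPRNG: the token is not computed from the PAN,
        # so a leaked token table gives an attacker nothing to reverse.
        token = "tok_" + secrets.token_hex(16)
        self._pan_by_token[token] = pan
        self._token_by_pan[pan] = token
        return token

    def detokenise(self, token: str) -> str:
        """Only the PSP calls this, when it forwards a charge to the card network."""
        return self._pan_by_token[token]


def psp_response(token: str, pan: str) -> dict:
    """What the PSP returns and the merchant may store: token and last four digits,
    never the full PAN and never the CVV."""
    return {"token": token, "last4": pan[-4:]}


def demo() -> dict:
    """Walk-through with a constructed test PAN (a standard test number, not a real card)."""
    vault = TokenVault()
    token = vault.tokenise("4111 1111 1111 1111")
    return psp_response(token, vault.detokenise(token))
```

A real vault would encrypt the PAN column and restrict `detokenise` to the charge path, which is exactly the scope the merchant avoids by using a hosted checkout.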
What happens in the event of a PCI DSS violation?
Violations can lead to fines from card networks, increased transaction fees, loss of card acceptance and, in the worst case, liability claims in the event of data loss.

