WHAT IS PCI COMPLIANCE?
Payment card industry (PCI) compliance, also referred to as Payment Card Industry Data Security Standard (PCI DSS) compliance, refers to the technical and operational standards businesses must follow to protect cardholder credit card data. PCI security is enforced by the PCI Standards Council, and all businesses that store, process, or transmit credit card data electronically are required to follow its compliance guidelines. If merchants do not handle credit card information properly, user card information can potentially be hacked and stolen, then used to make fraudulent purchases. Additionally, sensitive cardholder information could be used for identity fraud.
PCI DSS requires that all Level 1 businesses (with more than 6 million credit card transactions per year) undergo a yearly PCI audit conducted by a qualified auditor. Though these are industry rules rather than laws, the risks involved with noncompliance can be significant, including penalties, lawsuits, and erosion of a company’s brand image and trust.
Solutions that provide automated vulnerability detection and defenses can be very effective components of PCI DSS compliance programs.