PCI DSS
PCI DSS (Payment Card Industry Data Security Standard) is a security standard maintained by the PCI Security Standards Council, which was founded by the five major card networks (Visa, Mastercard, AMEX, Discover, JCB). It defines the requirements that every company which stores, processes or transmits cardholder data must meet. The obligation is contractual: it is enforced through the card networks and the merchant's acquiring bank, not by law.
The standard comprises 12 main requirements grouped under six goals: building and maintaining a secure network, protecting cardholder data, maintaining a vulnerability management programme, implementing strong access controls, regularly monitoring and testing networks, and maintaining an information security policy. Compliance is validated either by an on-site assessment that produces a Report on Compliance (ROC) or by a Self-Assessment Questionnaire (SAQ); which one applies depends on the merchant's transaction volume and on how card data is handled.
For most online merchants, using a PCI DSS-compliant PSP significantly reduces their own compliance effort: when card data is entered into a hosted checkout or a tokenised payment form served by the PSP, the card number never passes through the merchant's own servers, so those servers fall outside the scope of most requirements. The merchant remains responsible for the page that redirects to or embeds the payment form, because an attacker who can alter that page can send customers to a fake form.
PCI DSS examples
An online shop uses its PSP's hosted checkout. Card data is never entered on, stored on or transmitted through the shop's server, so the compliance effort is minimal: typically the shortest self-assessment questionnaire (SAQ A) rather than a full audit.
A large retailer processes card data in its own systems and must have an annual on-site assessment by a Qualified Security Assessor (QSA), documented in a Report on Compliance.
A PSP tokenises card data: instead of the real card number, the merchant stores a token. The token is worthless to a fraudster who steals the merchant's database, because it can only be turned back into a card number inside the PSP's vault. It can, however, still be used to charge that card through the merchant's PSP account, so the merchant's API credentials must be protected as carefully as card data would be.
PCI DSS FAQ
What is PCI DSS?
PCI DSS is the security standard of the payment card industry. It sets requirements for every company that stores, processes or transmits cardholder data, with the aim of preventing the theft of card data and the fraud that follows from it.
As a merchant, do you have to comply with PCI DSS?
Yes. In principle, every company that accepts card payments must comply with PCI DSS, because the obligation is part of the merchant agreement with the acquirer. For most online merchants the effort shrinks considerably if they use a PCI DSS-compliant PSP with a hosted checkout, since their own systems then never handle a card number; they still have to complete the applicable self-assessment questionnaire each year.
What is tokenisation in the context of PCI DSS?
Tokenisation replaces the real card number (the PAN) with a token: a surrogate value that has no mathematical relationship to the card number and can only be exchanged for it by the PSP that issued it. The merchant stores the token and can use it for subsequent transactions, such as recurring billing or one-click checkout, without ever storing the real card data. On its own a token is useless to a fraudster; it only has value together with the merchant's credentials at the PSP.
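To make the mechanism concrete, here is an added example in Python (not code from this page and not any PSP's real API): a toy tokenisation vault that stands in for the PSP, the record a merchant is left holding afterwards, and a scan that checks the merchant's stored data or logs for anything resembling a card number. The `TokenVault` class, the function names and the `tok_` prefix are assumptions made for illustration; the card numbers are the publicly documented Visa and Mastercard test numbers, not real cards.

```python
"""Added example (not part of the original page, not any PSP's real API):
a toy tokenisation vault standing in for the PSP, and the merchant-side
record that results. It demonstrates that the token is a random value with
no relation to the PAN, that the PAN exists only inside the PSP's vault, and
that the merchant's own storage can be scanned to confirm no PAN is present.
Card numbers used are the public Visa/Mastercard test PANs."""
import re
import secrets


def luhn_ok(digits: str) -> bool:
    """Luhn check-digit test, as used for card numbers (PANs)."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:                       # double every second digit from the right
            d = d * 2 - 9 if d * 2 > 9 else d * 2
        total += d
    return total % 10 == 0


def is_valid_pan(pan: str) -> bool:
    return pan.isdigit() and 13 <= len(pan) <= 19 and luhn_ok(pan)


class TokenVault:
    """Hypothetical PSP-side vault. Everything in here lives inside the PSP's
    cardholder data environment; the merchant never sees these dicts."""

    def __init__(self) -> None:
        self._pan_by_token: dict[str, str] = {}
        self._token_by_pan: dict[str, str] = {}

    def tokenise(self, pan: str) -> str:
        pan = pan.replace(" ", "").replace("-", "")
        if not is_valid_pan(pan):
            raise ValueError("not a well-formed PAN")
        if pan in self._token_by_pan:        # stable token per card, so the
            return self._token_by_pan[pan]   # merchant can bill repeat customers
        token = "tok_" + secrets.token_urlsafe(18)   # random: no way back to the PAN
        self._pan_by_token[token] = pan
        self._token_by_pan[pan] = token
        return token

    def detokenise(self, token: str) -> str:
        """Only the PSP calls this, when it sends a charge to the card network.
        The merchant has no equivalent: a leaked token is not a card number."""
        return self._pan_by_token[token]


def merchant_record(vault: TokenVault, pan: str, expiry: str) -> dict:
    """What a merchant using the PSP's tokenised form is left holding: the token,
    the last four digits for display (truncation PCI DSS permits to store) and
    the expiry date. No full PAN, no CVV."""
    token = vault.tokenise(pan)
    clean = pan.replace(" ", "").replace("-", "")
    return {"token": token, "last4": clean[-4:], "expiry": expiry}


PAN_LIKE = re.compile(r"\d(?:[ -]?\d){12,18}")   # 13 to 19 digits, optional separators


def find_pans(text: str) -> list[str]:
    """Scoping check: scan stored data or log text for digit runs that look
    like a PAN and pass Luhn. Used to confirm card data never reached a system."""
    hits = []
    for m in PAN_LIKE.finditer(text):
        digits = re.sub(r"[ -]", "", m.group())
        if is_valid_pan(digits):
            hits.append(digits)
    return hits


if __name__ == "__main__":
    vault = TokenVault()
    rec = merchant_record(vault, "4111 1111 1111 1111", "12/29")   # public Visa test PAN
    print("merchant stores:", rec)
    print("PANs in merchant record:", find_pans(str(rec)))
    # constructed log line standing in for a careless debug log
    print("PANs in leaked log line:",
          find_pans("order 17 paid with card 4111-1111-1111-1111"))
```

Two points worth noting: the token comes from `secrets`, so nothing about it can be derived from the PAN or vice versa, and a stolen token only becomes a payment when presented to the vault with the merchant's credentials. The `find_pans` scan is the kind of check used to back up the claim that a system is out of scope; in practice it is run over databases, log files and backups rather than a single record.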
What happens in the event of a PCI DSS violation?
Violations can lead to fines from the card networks (passed on to the merchant through its acquiring bank), increased transaction fees, the loss of the ability to accept cards and, in the worst case, liability for the losses that result from a data breach.