What is PCI DSS?
The Payment Card Industry Data Security Standard (PCI DSS) was developed to encourage and enhance cardholder data security and facilitate the broad adoption of consistent data security measures globally. PCI DSS provides a baseline of technical and operational requirements designed to protect account data. PCI DSS applies to all entities involved in payment card processing—including merchants, processors, acquirers, issuers, and service providers. PCI DSS also applies to all other entities that store, process or transmit cardholder data (CHD) and/or sensitive authentication data (SAD).
What constitutes Cardholder Data?
From PCI Security Standards: At a minimum, cardholder data consists of the full PAN (Primary Account Number. Cardholder data may also appear in the form of the full PAN plus any of the following: cardholder name, expiration date and/or service code.
What is a PAN?
A PAN, or Primary Account Number, is the unique account number given to customers when they are granted a payment card. This is also commonly referred to as the “card number” and identifies the issuer and the particular cardholder account.
Note: Keeping the first 6 numbers or the last 4 digits of a PAN is acceptable for recordkeeping purposes, and does not constitute Cardholder Data.
Why is this important to Georgia Tech?
Georgia Tech processes payment cards on campus for various products and services. To continue processing payment cards, Georgia Tech must attest that they are compliant to the standard. Should Georgia Tech be found to be Not Compliant, the Institute may lose the ability to process payments using payment cards.
How do I complete the necessary training to process payment cards?
Please go to this page on sites.gatech.edu/pcidss.
Who should I contact for more information?
For information on compliance to PCI DSS, contact compliance@security.gatech.edu.
Is there anywhere I can get more information about PCI DSS or the PCI Security Standards Council?
Yes! The PCI Security Standards Council FAQs is located here.