PCI Resources
A structured approach to the PCI standards

Information on Payment Card Industry (PCI) standards including PCI DSS.


The Payment Card Industry (PCI) standards maintained by the PCI SSC have the stated goal of protecting card information. My experience is that most users can interpret most individual requirements, but lack the overall structured approach (the big picture) to meeting the standards' intent.

Note: Website redesign underway for new style and for the upcoming version of PCI DSS slated for later in 2017. Stay tuned.

This site will provide PCI resources to the community, starting with a series of volumes (digital books) explaining the various facets of the PCI DSS, the main standard maintained by the PCI SSC. Links to other valuable resources will also be provided within each page.

The books can be purchased on the Amazon Kindle store* or the Apple iBooks store (for iPad, iPhone and Mac computers).

The scoping model and approach I use is available here (for free under a Creative Commons license) and is further described and detailed in volume 2.

For more on the PCI DSS, please start with the overview, which links to a description of the intent (the objective) of the PCI DSS high-level requirements.

* Note: Amazon Kindle is a platform and not just a physical reader device. Kindle reader applications exist for iPhone/iPad, Android, PC, Mac, and even on the web.