Information on Payment Card Industry (PCI) standards including PCI DSS since 2015
The Payment Card Industry (PCI) standards maintained by the PCI SSC have the stated goal of protecting card information. My experience is that most users can interpret most individual requirements, but lack the overall structured approach (the big picture) to meeting the standards' intent.
This site will provide PCI resources to the community, starting with a series of volumes (digital books as well as physical compilations of the volumes) explaining the various facets of the PCI DSS, the main standard maintained by the PCI SSC. Links to other valuable resources will also be provided within each page.
The physical books can be bought on Amazon (through CreateSpace, an Amazon subsidiary). The digital books can be purchased on the Amazon Kindle store* or the Apple iBooks store (for iPad, iPhone and Mac computers).
For more on the PCI DSS, please start with the overview, which links to a description of the intent (the objective) of the PCI DSS high-level requirements.
* Note: Amazon Kindle is a platform and not just a physical reader device. Kindle reader applications exist for iPhone/iPad, Android, PC, Mac, and even on the web.
Most referred content
Distributed under a Creative Commons license, the model aims to address a lack of understanding of which people, processes and technologies of an organization fall under PCI DSS scope, generally the least understood part of PCI DSS.
The goal of this book series (digital and physical) is to provide a common understanding for business and technical people alike, and to provide a way for those people to communicate better about PCI DSS compliance, and information security in general. These books are not for dummies. I believe that PCI DSS can be explained to laymen if properly presented.
The goal of PCI DSS is to protect cardholder data from theft or unauthorized disclosure. This section presents an overview of how the PCI DSS is structured to meet this goal.