The PCI SSC created a set of standards called Payment Card Industry Data Security Standards or PCI DSS. These are the official security standards that each retailer must adhere to if processing credit card transactions and are part of your merchant agreement. What this means is that you are financially (and potentially criminally) liable if someone gains access to your customers’ credit card data; if you are found to be out of compliance with PCI DSS.
The primary objective of PCI DSS is to reduce the risk of a data breach of cardholder information by creating a secure environment within your business operations. By following these standards, not only do you satisfy the requirements of your acquiring bank, you are working to protect your customer’s information, as well as, your company’s brand and reputation.