PCI DSS is an industry-standard for protecting cardholder data worldwide. Companies that process, store, or transmit cardholder data must comply with the PCI DSS if they wish to use large payment card brand cards that make and accept standards.

The PCI DSS has 12 requirements or demands that consist of a few more specific, related controls for each of the more than 300 security checks. For example, PCI Requirement 1 covers the construction and maintenance of a secure network infrastructure. To meet these overall requirements, the presence of properly protected firewalls, routers, and other applications must be ensured to prevent unauthorized access to the cardholder data environment.