In 2001, Visa and MasterCard each intigated basic levels of credit card security Compliance programs, in wish both retailers (Known as Merchants), bank and all entities that provided cardholder authentification and authorisation services (Known as Service Provider).
Visa has created CISP for US Market, AIS for European Market (Card Holder Information Security Programme) and MasterCard had created SDP (Site Data Protection).
In 2004 Visa and MasterCard had set up a joint data security standard known as the Payment Card Industry Data Security Standard (PCI DSS as born !), which incorporated both the CISP and SDP requirements and ensured merchants and services providers had only one security standard,in wihch to demonstate the compliance.
On 2006, the PCI DSS had further evolved and included input from other credit card providers “JCB International, Amex et Discovery), this agreement culminated in the formulation of the PCI Council named PCI Security Standards Council (PCI SSC).
This council was then given the responsibility for the development, management, education and awareness of PCI DSS and other related standards (PA DSS, PTS…)
Adherence to the Stnafard may require specific compliance certification by PCI SSC sanctionned Approved Scanning Vendors (ASVs), which provide periodic vulnerability scanning of Internet facing systems, as well as Qualified Security Assessors (QSAs) which validate asherence to the PCI DSS to provide confidence that cardholder information is adequately protected.
In addition to PCI DSS, the council (PCI SSC) defines the payment application – knows PA DSS. This standard allows vendors, manufactures and entities wich develop payment processing applications and physical PIN ENTRY DEVICES (PED), to adhere to a standardised device security requirement, this standard also incorporates how the device will be tested (Methodology).
The PCI Council first released version 1.1 of the PCI Standard, and the updated the standard to version 1.2 on October 2008. This was further updated to 1.2.1 in July 2009 and version 2 was released in October 2010. The last version at this time is 3.0 lauched on October 2013. The version 2.0 is available up to October 2014.