PCI DSS
E184232
PCI DSS (Payment Card Industry Data Security Standard) is a global set of security requirements designed to protect cardholder data and reduce credit card fraud for organizations that handle payment card information.
All labels observed (13)
| Label | Occurrences |
|---|---|
| PCI DSS canonical | 9 |
| PCI Data Security Standard | 5 |
| Payment Card Industry Data Security Standard | 2 |
| PCI DSS (for certain configurations) | 1 |
| PCI DSS (via rules and conformance packs) | 1 |
| PCI DSS v1.0 | 1 |
| PCI DSS v1.1 | 1 |
| PCI DSS v1.2 | 1 |
| PCI DSS v2.0 | 1 |
| PCI DSS v3.1 | 1 |
| PCI DSS v3.2 | 1 |
| PCI DSS v3.2.1 | 1 |
| PCI DSS v4.0 | 1 |
How this entity was disambiguated
This entity first appeared as the object of triple T1634215 — resolving that mention is where its identity was fixed. The disambiguator weighed these candidate entities and picked the highlighted one (or “None”, minting a new entity). This is how homonymy is resolved: the same surface form can point to different entities.
Target entity: PCI DSS Context triple: [Google Cloud, providesCompliance, PCI DSS]
-
A.
PCI Security Standards Council
The PCI Security Standards Council is a global forum that develops and manages security standards for payment card data protection, including the PCI Data Security Standard (PCI DSS).
-
B.
ISO 27001
ISO 27001 is an internationally recognized standard that specifies requirements for establishing, implementing, maintaining, and continually improving an information security management system (ISMS).
-
C.
Federal Information Processing Standards
Federal Information Processing Standards are publicly announced, U.S. government–wide standards that define requirements for information security, data formats, and interoperability in federal computer systems.
-
D.
ISO/IEC 7816
ISO/IEC 7816 is an international standard series that defines the physical, electrical, and communication characteristics and protocols for integrated circuit (smart) cards and their interfaces.
-
E.
ISO/IEC 27002
ISO/IEC 27002 is an international standard that provides best-practice guidelines and controls for information security management.
- F. None of above. chosen
- G. Unsure - the case is ambiguous/there is not enough information to decide.
Target entity: PCI DSS Target entity description: PCI DSS (Payment Card Industry Data Security Standard) is a global set of security requirements designed to protect cardholder data and reduce credit card fraud for organizations that handle payment card information.
-
A.
PCI Security Standards Council
The PCI Security Standards Council is a global forum that develops and manages security standards for payment card data protection, including the PCI Data Security Standard (PCI DSS).
-
B.
ISO 27001
ISO 27001 is an internationally recognized standard that specifies requirements for establishing, implementing, maintaining, and continually improving an information security management system (ISMS).
-
C.
Federal Information Processing Standards
Federal Information Processing Standards are publicly announced, U.S. government–wide standards that define requirements for information security, data formats, and interoperability in federal computer systems.
-
D.
ISO/IEC 7816
ISO/IEC 7816 is an international standard series that defines the physical, electrical, and communication characteristics and protocols for integrated circuit (smart) cards and their interfaces.
-
E.
ISO/IEC 27002
ISO/IEC 27002 is an international standard that provides best-practice guidelines and controls for information security management.
- F. None of above. chosen
Statements (62)
| Predicate | Object |
|---|---|
| instanceOf |
information security standard
ⓘ
payment card security standard ⓘ |
| abbreviationFor |
PCI DSS
self-linksurface differs
ⓘ
surface form:
Payment Card Industry Data Security Standard
|
| appliesTo |
acquiring banks
ⓘ
merchants ⓘ organizations that process cardholder data ⓘ organizations that store cardholder data ⓘ organizations that transmit cardholder data ⓘ payment processors ⓘ service providers handling payment card data ⓘ |
| cardBrandsInvolved |
American Express
ⓘ
Discover ⓘ JCB Co., Ltd. ⓘ
surface form:
JCB
Mastercard ⓘ Visa ⓘ |
| category |
compliance
ⓘ
cybersecurity ⓘ |
| complianceValidatedBy |
Internal Security Assessor
ⓘ
Qualified Security Assessor program ⓘ
surface form:
Qualified Security Assessor
Self-Assessment Questionnaire ⓘ |
| contains |
12 high-level requirements
ⓘ
operational security requirements ⓘ technical security requirements ⓘ |
| developedBy | PCI Security Standards Council ⓘ |
| fullName |
PCI DSS
self-linksurface differs
ⓘ
surface form:
Payment Card Industry Data Security Standard
|
| geographicScope | global ⓘ |
| governedBy | PCI Security Standards Council ⓘ |
| hasVersion |
PCI DSS
self-linksurface differs
ⓘ
surface form:
PCI DSS v1.0
PCI DSS self-linksurface differs ⓘ
surface form:
PCI DSS v1.1
PCI DSS self-linksurface differs ⓘ
surface form:
PCI DSS v1.2
PCI DSS self-linksurface differs ⓘ
surface form:
PCI DSS v2.0
PCI DSS v3.0 ⓘ PCI DSS self-linksurface differs ⓘ
surface form:
PCI DSS v3.1
PCI DSS self-linksurface differs ⓘ
surface form:
PCI DSS v3.2
PCI DSS self-linksurface differs ⓘ
surface form:
PCI DSS v3.2.1
PCI DSS self-linksurface differs ⓘ
surface form:
PCI DSS v4.0
|
| industry | payment card industry ⓘ |
| introduced | 2004 ⓘ |
| isMandatoryFor |
American Express merchants under card brand rules
ⓘ
Discover merchants under card brand rules ⓘ JCB merchants under card brand rules ⓘ Mastercard merchants under card brand rules ⓘ Visa merchants under card brand rules ⓘ |
| purpose |
protect cardholder data
ⓘ
reduce credit card fraud ⓘ secure payment card transactions ⓘ |
| relatedStandard |
PA-DSS
ⓘ
PA-DSS ⓘ
surface form:
PCI SSF
|
| requires |
access control measures
ⓘ
encryption of cardholder data over open public networks ⓘ information security policy ⓘ network segmentation or compensating controls where applicable ⓘ protection of stored cardholder data ⓘ regular monitoring and testing of networks ⓘ secure system configuration ⓘ use of anti-virus software ⓘ use of firewalls ⓘ |
| riskAddressed |
credit card fraud
ⓘ
identity theft related to card data ⓘ payment card data breach ⓘ |
| scope |
cardholder data
ⓘ
sensitive authentication data ⓘ |
How these facts were elicited
The pipeline generated the facts above by prompting gpt-5.1 with this entity's name + description and the instruction below.
You are a knowledge base construction expert. Given a subject entity and a description of it, return factual statements that you know for the subject as a JSON list of dictionaries(triples), where keys must be "subject", "predicate" and "object". The number of facts may be very high, between 25 to 50 or more, for very popular subjects. For less popular subjects, the number of facts can be very low, like 5 or 10. # Requirements - If you don't know the subject at all, return an empty list. - If the subject is not a named entity, return an empty list. - Include at least one triple where predicate is "instanceOf". - Do not get too wordy. - Separate several objects into multiple triples with one object.
Subject: PCI DSS Description of subject: PCI DSS (Payment Card Industry Data Security Standard) is a global set of security requirements designed to protect cardholder data and reduce credit card fraud for organizations that handle payment card information.
Referenced by (26)
Full triples — surface form annotated when it differs from this entity's canonical label.