Skip to main content

Payment Card Industry DSS v3.2.1 (Level 4)

Back to Legal Documents

American Digital Services has selected, and applies, the PCI DSS 3.2.1 as one of the frameworks for our information systems, technologies, and security.

https://www.pcisecuritystandards.org/documents/PCI_DSS-QRG-v3_2_1.pdf

Since 2005, over 11 billion consumer records have been compromised from over 8,500 data breaches. These are the latest numbers from The Privacy Rights Clearinghouse, which reports on data breaches and security breaches impacting consumers dating back to 2005.

To improve the safety of consumer data and trust in the payment ecosystem, a minimum standard for data security was created. Visa, Mastercard, American Express, Discover, and JCB formed the Payment Card Industry Security Standards Council (PCI SSC) in 2006 to administer and manage security standards for companies that handle credit card data. Before the PCI SSC was established, these five credit card companies all had their own security standards programs—each with roughly similar requirements and goals. They banded together through the PCI SSC to align on one standard policy, the PCI Data Security Standards (known as PCI DSS) to ensure a baseline level of protection for consumers and banks in the Internet era.