Frequently Asked Question

Yes. PCI SSC considers the guidance provided from many different standards organizations when updating our standards, balancing the guidance against the unique needs and challenges of the payments industry.

There may be differences between PCI standards and specific recommendations from other standards organizations due in part to the industries they were written for and the information they are designed to protect. PCI standards have long been focused on providing specific direction and guidance on meeting security outcomes for payment environments and solutions, providing security requirements that can be implemented by a broad range of stakeholders throughout the payment ecosystem.