# Security & Compliance (PCI)

**PCI compliance** is compliance with the Payment Card Industry Data Security Standard (PCI DSS), a set of requirements intended to ensure that all companies that process, store, or transmit credit card information maintain a secure environment.

**Requirements for PCI DSS Compliance**

1. **Use and Maintain Firewalls —** Firewalls block foreign or unknown entities attempting to access private data. These prevention systems are often the first line of defense against hackers.
    
2. **Proper Password Protections —** Routers, modems, point of sale (POS) secure systems, and other third-party products often come with generic passwords and security measures that are easily accessed by the public.
    
3. **Encrypt Transmitted Data —** Cardholder data is sent across multiple ordinary channels (e.g., payment processors, home office from local stores, etc.).
    
4. **Restrict Physical Access —** Any cardholder data must be physically kept in a secure location. Both data that is physically written or typed and data that is digitally kept should be locked in a secure room.
