To protect cardholder data, reduce fraud, and minimize the chances of a data breach resulting from malicious attacks, the Payment Card Industry Security Standard Council (PCI SSC) has implemented the Payment Card Industry Data Security Standards, or PCI DSS. Companies that store, transmit, or process sensitive card data must comply with PCI DSS.
Sensitive card data includes any personally identifiable data associated with a card holder (Cardholder data or CHD) such as the PAN (Primary Account Number), or any data that is used to authenticate the card holder (Sensitive Authentication Data or SAD) such as the PIN or CVC.
With Adyen Issuing, whether you are in scope for PCI will depend on the design and scope of your card program, your implementation and the type of cards you intend to use (physical, virtual, or both). To understand the exact PCI requirements applicable to your card program, reach out to your Adyen contact.