spec checked

PCI DSS payment card account data security

Documents PCI DSS as the baseline technical and operational requirements for entities that store, process, or transmit cardholder data or sensitive authentication data.

Pattern Decisions This Source Supports

| Pattern | Supported decision | Required contract | Claim note |
| --- | --- | --- | --- |
| Payment card entry | Choose payment card entry when the task is to charge a card, verify a card, save a card payment method, or replace a card-on-file credential. | Users can type, paste, autofill, delete, select, and correct card number, expiry, CVC, and postal code fields without losing entered values. | PCI DSS supports strict treatment for environments that store, process, or transmit payment card account data. |
| Payment collection | Choose payment collection when the main task is taking or reconciling money for a known amount and reference. | Every payment attempt is tied to a stable service reference, amount, currency, and payer context that remains visible before and after provider handoff. | PCI DSS supports protecting payment card data when systems store, process, or transmit cardholder data. |

Evidence Role

This source is treated as spec evidence. Use it to validate the decision rules above, not as a visual style reference.

Publisher: PCI Security Standards Council. Last checked: .