PCI-DSS stands for Payment Card Industry – Data Security Standard.
PCI is a council of all the credit card companies (e.g., Visa, Mastercard, Discover, American Express) that gathered together to create common security standards to adhere to. The standards cover the storage of credit card information and PII (Personally Identifiable Information).
You either have to select a vendor that adheres to PCI-DSS standards to process credit cards for you, or you’ll need to meet the standards yourself to run cards.
If the merchant you use fails their PCI-DSS annual ROC (Report On Compliance), they can’t process credit cards. You’ll have to go somewhere else.
The assessor who performs that assessment is also periodically assessed and has to maintain active certification to do so.
The PCI-DSS security standards are excellent controls.
They’re good guiding standards.
It gets deeper with levels 1-4, depending on how many transactions you process, but that’s PCI in a nutshell.