PCI Scanning is a very confusing subject and one that many people have to deal with on a regular basis. I have found that one way that helps me gain a better understanding of things is to learn about the history of things. This tells you a lot about its purpose as well as how it works. A big part of PCI Scanning that I felt it would be beneficial to learn more about is PCI DSS.

PCI DSS, or Payment Card Industry Data Security Standard, is a set of requirements that merchants must abide by if they accept any type of credit card information. These requirements were created in order to protect the sensitive information that people have to give over the internet when they use their credit cards to make purchases.

PCI DSS is fairly new, only being created within the last five years. Before the PCI DSS existed each credit card company had their own set of requirements that merchants must follow. They were all fairly similar, but it was a big pain for the merchants to have to comply with five different sets of requirements.

On December 15, 2004 the five major credit card companies (American Express, Discover, JCB, Mastercard, and Visa) got together and decided to form a neutral organization called the Payment Card Industry Security Standards Council that created just one set of requirements that merchants had to comply with making it easier for all parties involved.

The PCI DSS can still be fairly comprehensive, although it depends on how many sells your company makes per year. The more sells you make the more in depth the requirements are that you must comply with. Most approved PCI Scanning vendors are geared toward the larger companies making it more confusing for the smaller companies to get certified. The good news is that Trust Guard will be offering PCI Scanning that is geared toward the smaller companies starting on January 1, 2009. To find out more information visit http://www.trust-guard.com.