The major credit card brands; MasterCard, Visa, Discover, JCB and American Express, created an organization called the PCI Security Standards Council to deal with high rate of occurrence of stolen identities, stolen credit card data and data breaches. The goal of the Council is to create standards for data security within the payment processing industry.
PCI Compliance is not a federal law; however, in order to accept credit cards as a form of payment, merchants must be PCI Compliant or follow the PCI Compliance requirements. Non-compliant merchants risk losing their ability to process credit cards and being audited and/or fined.
Remember, it is the merchant’s responsibility to safeguard customer card data. Choosing partners who are already PCI complaint greatly reduces your risk. Thankfully, while there are several levels of compliance, most merchants qualify for a level that is inexpensive and easy to implement.