The e-commerce Payment Card Industry Data Security Standard (PCIDSS) compliance standards were established by the major credit card companies, working as the Payment Card Industry Security Standards Council (PCISSC). These e-commerce PCI compliance standards were meant to prevent security breaches and identity theft.
The PCIDSS standardized the Primary Account Number (PAN) information, providing 12 procedural and system requirements.
The 12 PCIDSS requirements were broken into 6 categories:
A.) Secure Network - 1.) Firewall and 2.) Reset Passwords
B.) Protect Cardholder Data - 3.) Protect Data and 4.) Encryption
C.) Vulnerability Management Program - 5.) Anti-Virus Software and 6.) Secure Systems
D.) Access Controls - 7.) Restrict Computer Access, 8.) Unique Access ID and 9.) Restrict Physical Access
E.) Monitor and Test Network - 10.) Monitor and 11.) Test Network
F.) Information Security Policy - 12.) Maintain Policy
PCIDSS affects e-businesses, banks, vendors and credit card companies. The PCI has published a Self-Assessment Questionnaire with four different versions. The PCI includes a time-consuming audit of systems processing credit cards and fines for noncompliance.
PCI compliance includes validation of database access, cloaking of Web infrastructure and filtering transmissions. The firewall hides the payment processing center behind electronic and physical barriers.
Firewall software watches for common hacker tools and footprints, such as protocol violations, cookie usage and cross-site scripting (XSS) injections used to steal data. By monitoring, analyzing, preventing and reporting these attacks, Information Technology (IT) professionals can address possible hacker attacks.
The e-commerce PCI compliance standards protect personal information against theft.