What is PCI DSS? As a merchant accepting cards for payment, what are my obligations?

The Payment Card Industry Data Security Standard (PCI DSS) is a set of technical and operational requirements designed by principal payment industry institutions to safeguard cardholder data. PCI DSS applies to all entities that store, process or transmit cardholder data. Merchants need to comply with the following requirements that represent the default security controls for their business:

Build and Maintain a Secure Network and Systems	install and maintain a firewall configuration to protect cardholder data do not use vendor-supplied defaults for system passwords and other security parameters.
Protect Cardholder Data	protect stored cardholder data encrypt transmission of cardholder data across open, public networks.
Maintain a Vulnerability Management Program	use and regularly update anti-virus software develop and maintain secure systems and applications.
Implement Strong Access Control Measures	restrict access to cardholder data by business need-to-know identify and authenticate access to system components restrict physical access to cardholder data.
Regularly Monitor and Test Networks	track and monitor all access to network resources and cardholder data regularly test security systems and processes.
Maintain an Information Security Policy	maintain a policy that addresses information security for all personnel.

Is my money safe?

What should I do to ensure safe and secure online banking?

What should I do to ensure secure mobile banking?

Is my private information safe?