Home Credit Card Which Cards Fall Under The Scope Of PCI DSS?

Which Cards Fall Under The Scope Of PCI DSS?

credit cards pci dss
credit cards pci dss

Being compliant with PCI DSS is a must for any commercial operation if it wants to handle card payments. That is, for any operation functioning within the bounds of the law, anyway. And because the standard applies to data security in general, this is the case whether the transactions are made in person, digitally, or even over the phone.

In any business’s effort to adhere to these standards, it’s good to be aware of card types that fall under PCI DSS. The short answer is that there are relatively few major networks that provide credit, debit, and prepaid cards, but that together these account for a large number of the payment methods you’ll see. Here, we’ll give a brief overview of the five networks covered by PCI DSS as participants in the PCI Security Standards Council (PCI SSC).

Visa International

An undisputed leader when it comes to processing payments, the California-based behemoth processed a total volume of $12.5 trillion between the summers of 2020 and 2021. The size and ubiquity of VisaNet is part of its appeal, and is used in all its products. The prepaid cards that use their Visa Readylink services for quick top-ups, such as the Starbucks® Rewards Visa® Prepaid Card, are certainly popular as well; they’re widely useful and have low fees compared to other prepaid cards. Forbes has been critical of these cards’ value propositions, but by and large prepaid and conventional Visa options alike are favored by countless consumers.

American Express

A company with quite the venerable history stretching back to the mid-19th century, AmEx is among the most popular providers for consumer cards as well. One reason for this is the variety of rewards cards it supports, such as the Delta SkyMiles® Gold Card or the well-regarded Hilton Honors Aspire Card. It’s also known for cards with popular perks, with AskMoney having noted in a past article that American Express supports more than one of the best rewards cards out there — namely, their own branded Gold and Platinum offerings.


Cards operating on the Japan Credit Bureau network are ubiquitous in East Asia, but have a worldwide presence as well. JCB has made many global partnerships such as with Santander in Spain and Discover in the USA, meaning that anywhere Discover cards are accepted, these should work, too.


Discover isn’t accepted as widely as some of the bigger players on this list. For instance, one notable exclusion is at Costco, which actually made an exclusive deal with Visa. But the good news is that like the others, compliance with PCI DSS means you have the ability to accept Discover card payments –– which are still quite popular –– knowing that you’ve met security standards to do so.


The smaller of the two dominant players, MasterCard tends to come across essentially as the direct counterpart to Visa. You may in act wonder if there are any meaningful differences between how the two operate. In many respects, the answer is no, as MarketWatch has more or less explained before. At the level of consumer services, there’s a slight difference in terms of fee structure. But the only other notable difference comes in some of the specific brand tie-ins. For instance, while Visa Signature Cards have discounts on golf experiences through Troon Rewards®, its counterpart, the World Mastercard, has partnered with PGA Tour®.

Other card companies such as Capital One will vary in terms of data security standards, and you’ll have to refer to their own documentation on the subject. But the five companies above and the countless cards they support will all work smoothly for you under PCI DSS. We hope this has been helpful, and don’t hesitate to return to PCI DSS Guide if you need further clarification on this or related topics.