pci-compliance

version: 4.1.0-fractal name: pci-compliance description: Implement PCI DSS compliance requirements for secure handling of payment card data and payment systems. Use when securing payment processing, achieving PCI compliance, or implementing payment card security measures.

PCI Compliance

Master PCI DSS (Payment Card Industry Data Security Standard) compliance for secure payment processing and handling of cardholder data.

Do not use this skill when

• The task is unrelated to pci compliance
• You need a different domain or tool outside this scope

Instructions

• Clarify goals, constraints, and required inputs.
• Apply relevant best practices and validate outcomes.
• Provide actionable steps and verification.
• If detailed examples are required, open resources/implementation-playbook.md.

Use this skill when

• Building payment processing systems
• Handling credit card information
• Implementing secure payment flows
• Conducting PCI compliance audits
• Reducing PCI compliance scope
• Implementing tokenization and encryption
• Preparing for PCI DSS assessments

PCI DSS Requirements (12 Core Requirements)

🧠 Knowledge Modules (Fractal Skills)

1. Build and Maintain Secure Network

2. Protect Cardholder Data

3. Maintain Vulnerability Management

4. Implement Strong Access Control

5. Monitor and Test Networks

6. Maintain Information Security Policy

7. Using Payment Processor Tokens

8. Custom Tokenization (Advanced)

9. Data at Rest

10. Data in Transit

11. Input Validation

12. SAQ A (Least Requirements)

13. SAQ A-EP

14. SAQ D (Most Requirements)