PCI Compliance

The Payment Card Industry Data Security Standard (PCI DSS) is a worldwide information security standard defined by the Payment Card Industry Security Standards Council. The standard was created to help payment card industry organizations that process card payments prevent credit card fraud through increased controls around data and its exposure to compromise.

It stands for Payment Card Industry Data Security Standard and is a set of security practices set forth by the major credit card companies to protect cardholder data.

No, it is not required by law. It is a set of recommended security practices set by the credit card companies.

You should care primarily because these are good security practices that help secure your network and protect your consumer data, and hence minimize business disruption due to security issues and increase consumer confidence in doing more ecommerce online. Though it is not law, the credit card companies enforce non-compliance fines and sanctions on merchants that do not comply with PCI DSS. There are also risks of financial consequences (loss of revenue, potential lawsuits) from identity theft, which can attract unwanted media attention and damage the organization's brand and reputation.

The standard applies to all organizations that hold, process, or exchange cardholder information from any card branded with the logo of one of the card brands. The program applies to all payment channels (retail, ecommerce, etc.). PCI DSS offers a standard approach to protecting sensitive data for all card brands.

PCI DSS specifies 12 requirements for compliance, organized into six logically related groups called "control objectives".

Control Objectives and PCI DSS Requirements

Build and Maintain a Secure Network

1. Install and maintain a firewall configuration to protect cardholder data

2. Do not use vendor-supplied defaults for system passwords and other security parameters

Protect Cardholder Data

3. Protect stored cardholder data

4. Encrypt transmission of cardholder data across open, public networks

Maintain a Vulnerability Management Program

5. Use and regularly update anti-virus software on all systems commonly affected by malware

6. Develop and maintain secure systems and applications

Implement Strong Access Control Measures

7. Restrict access to cardholder data by business need-to-know

8. Assign a unique ID to each person with computer access

9. Restrict physical access to cardholder data

Regularly Monitor and Test Networks

10. Track and monitor all access to network resources and cardholder data

11. Regularly test security systems and processes

Maintain an Information Security Policy

12. Maintain a policy that addresses information security

Indusface is an authorized distributor of Entrust SSL certificates. These can be used to encrypt the transmission of sensitive information over the internet and, combined with our information protection suite, can also be used to protect and encrypt stored data in files and folders. This specifically helps address items 3 and 4 of the PCI requirements. This can be bundled with the IndusGuard website monitoring service to run daily scans of merchant websites, check for vulnerabilities, conduct application audits and check for malware. This helps meet item 6 of the PCI requirements in a more secure and cost-effective manner. The current alternative of engaging in manual tests and scans is time consuming and more costly, resulting in merchants doing the bare minimum needed to meet compliance (e.g. quarterly scans instead of daily) and compromising security. IndusGuard also provides PCI reports from the scans, with specific remediation guidance on what needs to be done to address non-compliance. Our solutions are also supported and backed by a team of qualified security consultants who can be engaged for additional security consulting and professional services to help enterprises meet their security objectives.

Any ecommerce site that accepts payments over the internet can use our IndusGuard service for website monitoring and differentiate itself by providing a secure commerce environment for its customers.

Payment gateway providers can bundle our services with their offering and differentiate themselves by offering it as a value-added service to merchants alongside their payment gateway solution.
