So What Is PCI Really About? – CSO Online – Security and Risk

But I'm beginning to hear a few disturbing tidbits of information that make me question where the credit card companies are coming from. Think about things from the enforcement side of the equation: The credit card issuers police the merchants for PCI violations and then have the option to levy fines for those violations. Storing full credit card data in an unencrypted format? That's a fine. I think most of you know the drill.

via So What Is PCI Really About? – CSO Online – Security and Risk.