PCI Compliance

Discover Information Security & Compliance (DISC)

Back to compliance resources

DISC Overview

Data security is a top priority for Discover®. The Discover Information Security & Compliance (DISC) program was developed to implement and maintain efficient data security requirements and procedures for its partners, and to promote the adoption of secure transaction processing of cardholder data on the Discover® Global Network.

As part of this ongoing initiative, Discover is working with other payments participants as part of the Payment Card Industry Security Standards Council, LLC (PCI SSC). The PCI SSC was created to help manage the ongoing evolution of the Payment Card Industry (PCI) security standards, which focus on improving payment account security throughout the transaction process. Discover is committed to the PCI Security Standards as the payment card industry data protection standard. The DISC program is aligned with the PCI security standards to help safeguard cardholder data and limit data compromises.

To find out more, please visit the PCI SSC website

DISC for Merchants

In addition to requiring compliance to the PCI Data Security Standard, Discover requires that each new implementation of payment applications by merchants and their agents is compliant with the Payment Card Industry Payment Application Data Security Standard (PA-DSS).

For a list of PA-DSS-compliant applications or information regarding PA-DSS, please visit the PCI SSC website

DISC for Acquirers & Service Providers

There are separate compliance requirements for acquirers and service providers. In addition to requiring compliance to the PCI Data Security Standard, Discover supports the launch of the Payment Application Data Security Standard (PA-DSS) and strongly recommends that acquirers ensure their merchants, service providers and agents use payment applications that have been validated as compliant with the PCI Payment Application Data Security Standard (PA-DSS).

For more information regarding PA-DSS, please visit the PCI SSC website

Back to compliance resources

Contact Our Data Security Team

To report a data compromise or cardholder breach, call 1-800-347-3083. Or contact us for any compliance-related questions.
Contact Us