Rule 12-4-2.10 - Payment Card Industry Data Security Standards (PCI-DSS)A. State agencies accepting credit and/or debit cards through an approved alternate payment processor will comply with Payment Card Industry Data Security Standards (PCI- DSS) to safeguard cardholder and sensitive cardholder data, regardless of revenue input source. (e.g. Internet application, point-of-sale, Interactive Voice Recognition System, etc. Agencies must provide to DFA yearly, proof of the alternate processor's compliance with PCI-DSS.