This document discusses the consequences of data breaches for merchants, provides an overview of PCI compliance requirements, and describes tools that can help merchants protect payment data and simplify PCI compliance. It notes that data breaches are costly and common, even among small merchants, and that PCI focuses on them because they are vulnerable targets. It outlines PCI's 12 requirements and prioritized approach. It then describes tokenization, value-added services like risk management, and hosted payment pages as tools that can help merchants address PCI requirements more easily.