Visa and MasterCard led the instigation of the mandate, which is already more than a year old, but awareness of the PCI standard in Australia remains extremely low.
Version 1.1 of the standard, the rules of which are aimed at protecting credit card data via encryption, end-user access and handling procedures, was introduced on September 7, 2006.
But because it was a US-led standard, there has been confusion about local compliance requirements, although Visa confirmed last week that it has been officially mandated in Australia.
Visa Australia and New Zealand risk manager Ian McKindley said banks and merchants are largely ignorant of PCI requirements despite extensive campaigning.
"Awareness of PCI in Australia is far lower than we would have hoped [despite] a series of seminars being held in [both countries]; we also posted more than 300,000 fliers to merchants earlier this year," McKindley said.