Variations of the Payment Card Data Security Standard have been in place for several years, but many retailers still feel they don’t understand what exactly is required of them to comply with it, writes Alison Clements