New: Autonomous AI risk intelligence is live — your compliance program in 12 minutes. Get started →
← Glossary · Compliance

PCI-DSS

The Payment Card Industry Data Security Standard for handling cardholder data.

PCI-DSS v4.0 sets 12 requirements across six goals. Merchant level (1–4) is set by transaction volume and determines the assessment path — from a Self-Assessment Questionnaire (SAQ) to onsite QSA audit.

Using a hosted payment page can shrink scope to SAQ-A, but any environment that stores, processes, or transmits cardholder data has PCI obligations.

See how Scarlet Risk covers PCI-DSS.

One platform for compliance, cyber, crypto, and world-watch risk.

Schedule Live Demo