← Glossary · Compliance
PCI-DSS
The Payment Card Industry Data Security Standard for handling cardholder data.
PCI-DSS v4.0 sets 12 requirements across six goals. Merchant level (1–4) is set by transaction volume and determines the assessment path — from a Self-Assessment Questionnaire (SAQ) to onsite QSA audit.
Using a hosted payment page can shrink scope to SAQ-A, but any environment that stores, processes, or transmits cardholder data has PCI obligations.
See how Scarlet Risk covers PCI-DSS.
One platform for compliance, cyber, crypto, and world-watch risk.
Schedule Live Demo