Skip to content
Security & data standard

PCI DSS

Payment card data security standards.

Applies to: Anyone handling card payments

What it is

PCI DSS is set by the major card brands and applies to any business that stores, processes, or transmits cardholder data.

Scope and effort depend on transaction volume and how cardholder data is handled.

Who must comply

  • E-commerce stores
  • POS operators
  • Any service provider touching cardholder data

Key requirements

  • Secure network and systems
  • Strong access control measures
  • Regular monitoring and testing
  • Documented information security policy
Risks of non-compliance

Card brand fines, increased processor fees, and loss of the ability to accept cards.

This is educational and not legal advice. Talk to your attorney about your specific exposure.

How Scale helps

We architect checkout and payments to minimize PCI scope and pass attestation.

Scale Modern Business Solutions