Security & data standard
PCI DSS
Payment card data security standards.
Applies to: Anyone handling card paymentsWhat it is
PCI DSS is set by the major card brands and applies to any business that stores, processes, or transmits cardholder data.
Scope and effort depend on transaction volume and how cardholder data is handled.
Who must comply
- E-commerce stores
- POS operators
- Any service provider touching cardholder data
Key requirements
- Secure network and systems
- Strong access control measures
- Regular monitoring and testing
- Documented information security policy
Risks of non-compliance
Card brand fines, increased processor fees, and loss of the ability to accept cards.
This is educational and not legal advice. Talk to your attorney about your specific exposure.
How Scale helps
We architect checkout and payments to minimize PCI scope and pass attestation.
