Overview

As the Payment Card Industry–Data Security Requirements (PCI-DSS) marks its 20th anniversary, the areas of accountability are expanding beyond card payment data to encompass a holistic view of merchants’ data security ecosystems across all commerce channels. Although the scope of PCI-DSS is not increasing, per se, as it relates to the security requirements for payment data, merchants must attest to having compliant security processing places across the enterprise. For the first time, merchants can construct their compliance checklists that address the risks in their businesses rather than using a template provided by the PCI standards.

Key questions discussed in this report: 

  • What is likely to be the impact of PCI 4.0 for merchants?
  • How should merchants prepare for PCI 4.0?
  • What is changing with PCI 4.0 that is more significant than previous changes?

Companies Mentioned: 

American Express, Discover, JCB, Mastercard, PCI Security Standards Council, LLC, Verizon Business, Visa

Learn More About This Report & Javelin

Related content

June 24, 2025
In-House Payment Options for Merchants: Time for a New Look

The big household names in retail, in-store and online, have always offered customers the most choices of ways to pay, along with deferred terms like layaway or installment credit....

May 22, 2025
AI in the Payments Ecosystem

Merchants and payment service providers are working diligently to turn the promises of artificial intelligence into tangible business advantages. AI promises to deliver new levels ...

May 13, 2025
Agentic Commerce and Merchants: Get Ready for a New Reality—and Some Turbulence

AI-powered agentic commerce could represent a fundamental recasting of the purchasing dynamic, which has always put ultimate decision-making in the hands of consumers. Transforming...

Make informed decisions in a digital financial world

Let's Connect