Overview

As the Payment Card Industry–Data Security Requirements (PCI-DSS) marks its 20th anniversary, the areas of accountability are expanding beyond card payment data to encompass a holistic view of merchants’ data security ecosystems across all commerce channels. Although the scope of PCI-DSS is not increasing, per se, as it relates to the security requirements for payment data, merchants must attest to having compliant security processing places across the enterprise. For the first time, merchants can construct their compliance checklists that address the risks in their businesses rather than using a template provided by the PCI standards.

Key questions discussed in this report: 

  • What is likely to be the impact of PCI 4.0 for merchants?
  • How should merchants prepare for PCI 4.0?
  • What is changing with PCI 4.0 that is more significant than previous changes?

Companies Mentioned: 

American Express, Discover, JCB, Mastercard, PCI Security Standards Council, LLC, Verizon Business, Visa

Book a Meeting with the Author

Related content

January 16, 2026
Agentic Commerce: Green Light or Flashing Yellow for Merchants?

Agentic commerce is forecasted to reach $500 billion in sales by 2030, but what’s driving that growth? Consumers will vote with their wallets on which product categories and sales ...

December 10, 2025
Merchants Should Planogram Payments

Enterprise merchants have increasingly adopted payment orchestration strategies to drive new payment types, increase payment success rates, and optimize platform performance. Howev...

November 06, 2025
2026 Merchant Payments Trends

As payment technology advances and offers greater options and flexibility for consumers, merchants are put in the position of prioritizing how to manage payment acceptance, what pl...

Make informed decisions in a digital financial world

Let's Connect