Overview

As the Payment Card Industry–Data Security Requirements (PCI-DSS) marks its 20th anniversary, the areas of accountability are expanding beyond card payment data to encompass a holistic view of merchants’ data security ecosystems across all commerce channels. Although the scope of PCI-DSS is not increasing, per se, as it relates to the security requirements for payment data, merchants must attest to having compliant security processing places across the enterprise. For the first time, merchants can construct their compliance checklists that address the risks in their businesses rather than using a template provided by the PCI standards.

Key questions discussed in this report: 

  • What is likely to be the impact of PCI 4.0 for merchants?
  • How should merchants prepare for PCI 4.0?
  • What is changing with PCI 4.0 that is more significant than previous changes?

Companies Mentioned: 

American Express, Discover, JCB, Mastercard, PCI Security Standards Council, LLC, Verizon Business, Visa

Book a Meeting with the Author

Related content

November 06, 2025
2026 Merchant Payments Trends

As payment technology advances and offers greater options and flexibility for consumers, merchants are put in the position of prioritizing how to manage payment acceptance, what pl...

September 26, 2025
Visa’s Commercial Enhanced Data Program: What You and Your Merchants Need to Know

Level II and III data have long been a source of price relief for merchants that accept corporate, commercial, and purchasing cards. However, much of that price relief has been off...

August 11, 2025
Unattended Checkout: Where Do We Go From Here?

Unattended checkout isn’t dying, not by a long shot, but it’s in a period of transition. Although consumers like it, merchants need it, and payment trends favor it, some major merc...

Make informed decisions in a digital financial world

Let's Connect