Does PCI DSS apply to merchants who outsource all payment processing operations and never store, process or transmit cardholder data?

A rule of thumb is that, if you accept payments on your website to some extend, you need to comply with some PCI DSS. However, if you work together with PCI DSS compliant service providers your scope may be limited.

Was this article helpful?
0 out of 0 found this helpful