PCI DSS v4.0

PCI DSS (Payment Card Industry Data Security Standard)

Sekuro can help with your PCI DSS v3 to v4 transition needs

PCI DSS contains a set of requirements to help organisations prevent payment data breaches and payment card fraud.

Sekuro offers peace-of-mind PCI DSS-as-a-Service to help organisations stay compliant throughout the years, to every version of the PCI DSS, including the latest PCI DSS v4.0.

Sekuro can help you organisation transition from PCI DSS v3 to PCI DSS v4 while maintaining compliance.

We work with you to provide flexible and practical solutions, so regardless of what comes your way, your business can keep moving forward

We provide tailored and collaborative solutions to meet your business goals as well as your compliance requirements

We assign Qualified Services Assessors (QSAs) who are the right culture fit for your organisation and project

We don’t just tick boxes – our professionalism, values and our work set us apart. Our QSAs have gained industry knowledge and efficiency through years of experience

PCI DSS - Sekuro's Services to support your business

Sekuro’s values are geared towards building a strong and long lasting relationship with our customers. We are committed to partnering you and taking a pragmatic approach to address the risks and issues faced by your business in relation to the compliance program. We also work with you to effectively reduce your compliance issues.

PCI DSS Scope and Gap Assessment

Find compliant options to reduce your scope and create a plan to fix your non-compliances.

PCI DSS Remediation

Expert guidance and advice to remediate your non-compliances and keep your costs down.

PCI DSS Penetration Testing and Wireless Scanning

Ad-hoc or managed Penetration Tests and Wireless Scans as required by the PCI DSS.

PCI DSS Certification

Qualified assessment of your compliance status and deliverance of your Attestation of Compliance (AOC).

PCI DSS Maintenance

Maintain your compliance throughout the year and avoid the stress of recertification.


Peace-of-mind all-inclusive service to ensure you reach and maintain compliance whilst getting best value for your business.


PCI-DSS Assessment With Reap

How Reap completed a PCI DSS Attestation of Compliance, in compliance with the PCI SSC Reporting guidelines


PCI DSS requirements are set by the PCI Security Standards Council (PCI SSC), founded and enforced by Payment Brand (through your acquiring bank/s). Payment Card Data Security Standard (PCI DSS) is the global data security standard that any business of any size must adhere to in order to accept payment by card and either store, process, and/or transmit cardholder data. It contains common sense yet rigorous controls that mirror best security practices. PCI DSS applies to the protection of cardholder data’ (CD), centred around the Primary Account Number (PAN).
The PCI DSS applies to all entities that store, process, and/ or transmit cardholder data. That means both merchants and service providers to merchants (IT, data centre, call centre, storage, cloud providers, etc). It covers technical and operational system components included in, or connected to, the cardholder data handled.
Reporting requirements differ based on your business (service providers or merchants), the number of cards you process annually, and how you take payments (in-person, phone, mail, app or e-commerce).


PCI DSS is the global information security standard designed to reduce payment card fraud by increasing security controls around cardholder data. The new PCI DSS v4.0 or PCI DSS 4 was published on 31 March 2022.

PCI Compliance Level 4 however, is the lowest level of compliance under the Payment Card Industry Data Security Standard (PCI DSS). Level 4 applies to merchants that process fewer than 20,000 Visa or Mastercard e-commerce transactions per year or up to 1 million total Visa or Mastercard credit card transactions and that have not suffered a data breach or attack that compromised card or cardholder data.

  • Level 1: Merchants that process over 6 million card transactions annually.
  • Level 2: Merchants that process 1 to 6 million transactions annually.
  • Level 3: Merchants that process 20,000 to 1 million transactions annually.
  • Level 4: Merchants that process fewer than 20,000 transactions annually.
Yes. Although the current version (3.2.1) remains valid until March 2024, organisations that are subject to the PCI DSS should prepare for the update as soon as possible. Sekuro can help with this transition.

Already know what you are after?

Get a quick quote from our consultants.

Scroll to Top