X-PCI-CDE Informational
Protect the Cardholder Data Environment (PCI DSS)
Official citation: PCI DSS v4.0
Class: informational · Severity: medium
Statement of the obligation — verify against source
PCI DSS v4.0
What it means
PCI DSS is the card brands' security standard for anyone handling payment cards. It overlaps with NIST in places but adds specific, testable duties: segment the card environment, scan it quarterly, pen-test it, and validate compliance at the level your transaction volume requires.
Required by
- — Where payment card data is handled
- — Where payment card data is handled
Educational reference only — not legal advice. Consult a qualified assessor or attorney for binding compliance determinations.