How do I know my Service Provider is compliant with PCI DSS v4.0?
All service providers must be compliant with PCI DSS v4.0 requirements if they:
- Have access to cardholder data
- Can connect to a customer's cardholder data environment
- Have the ability to impact the security of the cardholder data environment
You can request a PCI DSS validation document from your service provider.