PCI DSS Cybersecurity Requirements

All 12 requirement areas of PCI DSS v4.0.1 — explained in plain English. Click any card to expand the full sub-requirements and individual controls.

Reference guide · Applies to all merchants regardless of SAQ type · v4.0.1 current as of 2025

The 12 PCI DSS Requirement Areas

Click any requirement to expand sub-requirements and controls. Use this to understand your full compliance scope.

Ready to manage all 12 requirements in one place?

PCI-Nexus maps every control to your specific SAQ type so you only see what applies to your business.

Start Free Trial →