The Payment Card Industry Data Security Standard (PCI DSS) Level 1 is the highest level of compliance for businesses that process, store, or transmit credit card information. It is mandatory for organisations processing over six million transactions annually and involves rigorous assessments, including annual on-site audits by a Qualified Security Assessor (QSA) and quarterly vulnerability scans.

Shopify is certified as a Level 1 PCI DSS compliant hosting provider. This means that all stores built on the Shopify platform are, by default, PCI DSS compliant, ensuring that customer payment data is protected according to the highest industry standards. Shopify invests significantly in security to maintain this certification and safeguard customer information.