Hellgate Guardian is operated as a PCI DSS Level 1 certified service. When merchants route card data through Guardian, that data lives entirely within a certified cardholder data environment (CDE) operated by Hellgate – not within the merchant's own infrastructure. This means merchants can reduce their own PCI DSS scope significantly, often qualifying for lighter self-assessment questionnaires (SAQ A or SAQ A-EP) rather than full third-party audits. Guardian also supports the v4.0 requirement for customised implementation of multi-factor authentication and encrypted data transmission.

→ Hellgate Trustcenter · Guardian overview