When retailers indication a contract having a payment processor, they agree to be subject to fines whenever they fail to keep up PCI DSS compliance. SOC two is a security framework that specifies how companies need to defend shopper details from unauthorized access, security incidents, as well as other vulnerabilities. https://www.nathanlabsadvisory.com/red-team-exercise.html
