Magento PCI Compliance
Magento has made PCI DSS compliance easier for merchants by separating the Magento Secure Payment Bridge application from Magento Enterprise. Only the actual payment application has to be certified and compliant, rather than the entire platform. This allows Magento Enterprise eCommerce platforms to be upgraded and customized without affecting the overall PA-DSS compliance provided by Secure Payment Bridge. To guarantee PCI compliance, clients need to use either Professional or Enterprise Edition, which come with an annual license cost. PCI compliance is not guaranteed with the Community (free) version.