These days, the PCI DSS (Payment Card industry – Data Security System) has now been made mandatory for all the merchants that are providing different service to their customers that involve money transactions. PCI DSS offers many unconditional benefits to the online merchants and the consumers, but not every merchant is having valid information reading the PCI. The first and foremost thing that many merchants need to adopt is upgrading their systems with the advanced version of the PCI DSS software. The merchants have been informed that every year they need to upgrade the entire system and also the software with the hardware devices and the expense of which is equivalent to the expense of installing the new system. The real fact is different and this information is not at all correct. As per the PCI Self Assessment Questionnaire there is no need to upgrade the system or software even after one year for every merchant. Only those merchants need to upgrade the system that has business expansions of more number of users using the payment gateway. Also, most of the merchants have known that the system requires year inspection and firewall renewal, which is also not true. A firewall cannot required renewal after every year, it depends on the number of clients and workstations where the PCI has been installed.