by jusben1369 4963 days ago
Anybody involved with credit cards needs to be "compliant". The question is not yes or no but always around "scope". Solutions that effectively use hosted payment pages (or, even better in some ways, a transparent redirect), so that the card data don't touch your servers, usually allow you to just complete a SAQ-A (a self-assessment one- or two-pager). So you must always be compliant, but something like this (Stripe, Braintree, etc.) allows you to minimize scope to the SAQ-A level, typically. (Caveats apply. You could build the best application in the world, but if your support people start taking credit cards over the phone to help out customers who are struggling and 'set them up', you of course broaden your scope immediately, so common sense still applies.)