# Security Digital River provides PCI compliance, tokenization, and fraud screening through an API reference. When the shopper enters payment information at checkout, they interact with secure payment fields that Digital River hosts within a client-hosted page. Those secure fields are served up by digitalriver.js, a developer-friendly library that allows brands to securely process transactions without having to take on the responsibilities of PCI compliance. When brands use the digitalriver.js API reference on their store, Digital River serves up payment methods, validates card data, tokenizes customer information, performs fraud screening, collects sensitive card data, and processes transactions in a manner that is fully compliant with the Payment Card Industry Data Security Standards (PCI DSS). Digital River is a Level 1 PCI-compliant service provider. Customer data is stored on Digital River’s secure servers, never on client servers. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.digitalriver.com/commerce-api/resources/reference/security.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.