A company processes credit card transactions nline. They use a third$-$party payment gateway to landle payment information. What is the company's responsibility under PCI DSS$?$

The company is not responsible for PCI DSS compliance since they use a third$-$party payment gateway.

The company is responsible for ensuring that the third$-$partypayment gateway is PCI DSS compliant.

The company is responsible for performing penetration tests against the payment gateway to ensure compliance with requiremen.

The company is only responsible for encrypting the credit card data.