PCI SSC releases PCI Data Security Standard v4.0 for global payment data

Thursday 7 April 2022 15:09 CET | News

The PCI Security Standards Council (PCI SSC) has published version 4.0 of the PCI Data Security Standard to address emerging threats to accounts data.

PCI DSS is a global standard that provides a baseline of technical and operational requirements designed to protect account data. PCI DSS v4.0 replaces version 3.2.1 to address emerging threats and technologies and enable innovative methods to combat new threats.

To provide organisations time to understand the changes in version 4.0 and implement any updates needed, the current version of PCI DSS, v3.2.1, will remain active for two years until it is retired on 31 March 2024. Once assessors have completed training in PCI DSS v4.0, organisations may assess to either PCI DSS v4.0 or PCI DSS v3.2.1.

Examples of the changes in PCI DSS v4.0 include updated firewall terminology to network security controls to support a broader range of technologies used, expansion of Requirement 8 to implement multi-factor authentication (MFA) for all access into the cardholder data environment, increased flexibility for organisations to demonstrate how they are using different methods to achieve security objectives, and an addition of targeted risk analyses for entities to define how frequently they perform certain activities.

In addition to the updated standard, supporting documents published in the PCI SSC Document Library include the Summary of Changes from PCI DSS v3.2.1 to v4.0, the v4.0 Report on Compliance (ROC) Template, ROC Attestations of Compliance, and ROC Frequently Asked Questions. Self-Assessment Questionnaires will be published.

More: Link

Free Headlines in your E-mail

Every day we send out a free e-mail with the most important headlines of the last 24 hours.

Subscribe now

Keywords: PCI compliance, fraud prevention, data protection, product upgrade, compliance
Categories: Fraud & Financial Crime
Companies: PCI Security Standards Council
Countries: World
This article is part of category

Fraud & Financial Crime

PCI Security Standards Council

Discover all the Company news on PCI Security Standards Council and other articles related to PCI Security Standards Council in The Paypers News, Reports, and insights on the payments and fintech industry:

Industry Events