Version 4.0 of the Payment Card Industry Data Security Standard (PCI DSS) was released at the end of March 2022. At the time of writing, we now have less than one year until the previous version, 3.2.1, is retired and can no longer be used for new assessments.
If you've ever taken a credit card as payment for anything, then you've probably heard of the Payment Card Industry Data Security Standard (PCI DSS). This defines a set of requirements for merchants and service providers to protect their customers' payment card data. The importance of PCI DSS lies in the fact that it helps to protect sensitive data which could have huge ramifications should it fall into the wrong hands. This includes information such as credit card numbers, names, addresses, and other personally identifiable information.
Statistics show that in 2021, online retail sales amounted to a staggering 4.9 trillion dollars, with purchases made by over two billion customers.
Experts anticipate that this trend will continue as more people select the ease of internet shopping. Unfortunately, it has also encouraged cyber criminals to target this area.
These two factors have prompted retailers and security experts to focus on improving online retail cybersecurity measures.
Topics: PCI Compliance, PCI v4.0, PCI DSS v4.0, PCI DSS 4.0, PCI DSS, payment card industry data security, payment card industry security standards, pci dss merchant, cybersecurity retail services, cybersecurity retail singapore
The wait is finally over and PCI DSS v4.0 is released today, 31st March 2022. Whatever the size of your organisation, volume of payments or size of in-scope network, there will be an impact to you of some kind, but for today it's business as usual.
In this post, we discuss six areas in PCI DSS v4.0, which we think you should be aware of today, with much more detail to come.
For now, we will take it easy and focus on the key themes and changes:
There are exciting times ahead for the PCI DSS as it aims to shift its position and up its game. Historically the PCI DSS has been criticised for being behind the technology curve, but as its latest iteration (version 4.0) is prepared for release by the Payment Card Industry Security Standards Council, we anticipate changes that will keep the standard in the here and now.
6 PCI DSS v4.0 changes we are anticipating:
Nettitude were strongly represented at the AKJ Associates PCI London event at the Victoria Plaza Hotel on Thursday 24th January 2013. The PCI event allowed Nettitude to exhibit some new services such as our Forensic capabilities and incident response as well as showcasing our P2PE QSA accreditation.