Menu Close

Payment Card Industry (PCI) DSS v4.0

PCI DSS Version 4.0: What is it and why now?

On the 31 March 2022, the PCI Security Standards Council (PCI SSC) released version 4.0 of the PCI Data Security Standard (PCI DSS). Version 4.0 replaces the current version, 3.2.1 and is the biggest shakeup to the PCI DSS for years.  

The PCI DSS is a set of requirements that any organisation that stores, processes or transmits payment card information is required to adhere to. Should an organisation provide a service that can affect the security of payment card information, they too are obligated to adhere to its requirements.

But why now?

The changes in the threat landscape have continued to evolve significantly in recent years, and so, the controls that protect payment card information must change with them. The increasing use of cloud-based technologies and the 

sophistication of attacks are the main drivers for these changes.

Version 4.0 has been developed in partnership with global industry. Over 200 companies have provided more than 6,000 items of feedback to the PCI SSC to create the new standard.

Read other chapters in the series:

Part 2: What are the key changes in v4.0? >>

Part 3: What should organisations do about it? >> 

 

If you would like to know more and how we are assisting our clients in adjusting to the new standard, please contact us at info@xcinaconsulting.com.

 

James Drake

Senior Director
Technology Risk

Speak to me directly by Email

James is a Certified Information Systems Security Professional (CISSP), ISO27001 Information Security Lead Auditor and qualified PCI Quality Security Assessor (QSA) from a multi-industry background. He is experienced in delivering risk based information assurance projects including PCI-DSS assessments, vCISO engagements, GDPR gap analysis and ISO27001 implementations including ISMS management.

To discuss how the above impact your business, feel free to get in touch with our team. We provide our clients with pragmatic advice and support to help them achieve a robust and defensible position.

 

 

Stay in control of your inbox

Register your details to receive our featured insights,
news and analysis covered by our Information Security team.

Stay up to date and discover how the requirements impact your business.