Recently, Control Gap posted an article performing a detailed analysis of the recent changes in the DSS due to 3.2. We do this because the high-level change summaries published by the PCI Security Standards Council provide only a starting point for in-depth investigation. Our detailed analysis provides a useful next step that can help organizations to more fully understand the impact of changes to their environment.
PCI PA-DSS is a supporting standard that aligns with PCI DSS. It has typically moved in lock step with the DSS. So when the DSS changes, so does the PA-DSS. This article looks at the recent changes in detail.
While the PA-DSS may be primarily of interest to vendors of payment applications, it also affects any organization that implements or operates these applications. This article will be of use not only to payment application vendors, but also to those who implement and operate payment applications.
In addition to over one thousand changed words, 2 new requirements, and 1 numbering change, there were:
There are several other significant differences between PCI DSS V3.1 and PCI DSS V3.2. To see a quick overview of the rest of the changes, read our Change Analysis Brief. If you would like to know every word that changed, read our Change Analysis Document.
3 min read
David Gamey : Apr 11, 2017 10:07:00 PM
New 8-digit Bank Identification Numbers (BIN) could complicate PCI truncation rules and create compliance headaches for those required to maintain...
1 min read
Robert Spivak : May 20, 2022 11:18:21 AM
It is amazing to see how many organizations take things for granted in their environment. In the video below, you can see a skimmer device installed...
6 min read
David Gamey : Aug 5, 2021 10:08:00 PM
In part two of our series, we take a deeper dive into how JavaScript works and its implications to web and e-commerce security and compliance. This...
David Gamey