Skip to the main content.
Contact

PCI DSS V3.2 Is Almost Here!

PCI DSS V3.2 Is Almost Here!

The PCI Security Standards Councils confirmed last week that the updated version of PCI DSS (v3.2) will be released at the end of April 2016. The current version (v3.1) will expire in October 2016. Organizations currently assessing under PCI DSS (v3.1) will be allowed a transition period.

All key dates and milestones to be aware of for this year’s updates are shared in this article.

An earlier high level discussion covering the new update can be found here.

Some of the significant high level changes: • The SSL and early TLS sunset extension • Multifactor administrative access to cardholder data environments • The inclusion of the Designated Entity Supplemental Validation (DESV) requirements • New reporting requirements for service providers

We will conduct our usual detailed page-by-page word-by-word analysis of the changes and impacts as soon as the standard is published. Stay tuned.

PCI DSS v3.2 - What You Need to Know to Stay PCI Compliant

PCI DSS v3.2 - What You Need to Know to Stay PCI Compliant

To accept credit cards in Canada, businesses need to be PCI compliant. Becoming PCI compliant can be difficult in the first place and keeping up...

Read More
What's changed in PA-DSS 3.2? Impacts to Vendors, Implementers, and Operators.

1 min read

What's changed in PA-DSS 3.2? Impacts to Vendors, Implementers, and Operators.

Recently, Control Gap posted an article performing a detailed analysis of the recent changes in the DSS due to 3.2. We do this because the...

Read More
PCI Security Standards Council set to kill off SSL in PCI DSS/PA-DSS 3.1 updates

PCI Security Standards Council set to kill off SSL in PCI DSS/PA-DSS 3.1 updates

The PCI council has released an announcement that they are preparing an updated version of the PCI DSS (v3.1) and PA-DSS (v3.1), where they will be...

Read More