{"id":4215,"date":"2022-04-20T19:59:14","date_gmt":"2022-04-20T19:59:14","guid":{"rendered":"https:\/\/iqcol.com\/?p=4215"},"modified":"2024-02-28T13:37:40","modified_gmt":"2024-02-28T18:37:40","slug":"whats-new-in-pci-dss-v-4-0","status":"publish","type":"post","link":"https:\/\/iqcol.com\/en\/whats-new-in-pci-dss-v-4-0\/","title":{"rendered":"What’s new in PCI DSS V 4.0?"},"content":{"rendered":"

What is the PCI Data Security Standard?<\/strong><\/p>\n

The PCI Data Security Standard (PCI DSS) is a global standard that provides a foundation of technical and operational requirements designed to protect payment data.\u00a0 PCI DSS v 4.0 is the next evolution of the standard.<\/p>\n

What are the Objectives of PCI DSS v 4.0?<\/strong><\/p>\n

1.Continue to meet the security needs of the payment industry.<\/p>\n

2.Promote security as a continuous process<\/p>\n

3.Add flexibility for different methodologies<\/p>\n

4.Improve validation methods<\/p>\n

What is the schedule for PCI DSS V 4.0 implementation?<\/strong><\/p>\n

\"PCI<\/p>\n

What’s new in PCI DSS v4.0?<\/strong><\/p>\n

Many changes have been incorporated into the latest version of the Standard. Below are examples of some of these changes:<\/p>\n

1.Continue to meet the security needs of the payments industry.<\/strong><\/p>\n

Why is this important? <\/strong>Security practices must evolve as threats change.<\/em><\/p>\n

Examples:<\/p>\n

– Expanding multi-factor authentication requirements.<\/p>\n

– Updated password requirements.<\/p>\n

– New requirements for e-commerce and phishing to address current threats.<\/p>\n

 <\/p>\n

2.Promote security as an ongoing process.<\/strong><\/p>\n

Why is it important? <\/strong>Criminals never sleep. Continuous security is crucial to protect payment data.<\/em><\/p>\n

Examples:<\/strong><\/p>\n

– Clear assignment of roles and responsibilities for each requirement.<\/p>\n

– Guidance has been added to help better understand how to implement and maintain security.<\/p>\n

– New reporting option to highlight areas for improvement and provide more transparency to report reviewers.<\/p>\n

 <\/p>\n

3.Increased flexibility for organizations using different methods to achieve security objectives.<\/strong><\/p>\n

Why is this important? <\/strong>Greater flexibility allows more options to achieve a requirement’s objective and supports payment technology innovation.<\/em><\/p>\n

Examples:<\/p>\n

– Allowing group, shared and generic accounts.<\/p>\n

– Specific risk analyses allow organizations to set frequencies for performing certain activities.<\/p>\n

– The customized approach, a new method for implementing and validating PCI DSS requirements, provides another option for organizations using innovative methods to achieve security objectives.<\/p>\n

 <\/p>\n

4.Improve validation methods and procedures.<\/strong><\/p>\n

Why is this important? <\/strong>Clear validation and reporting options support transparency and granularity.<\/em><\/p>\n

Example:<\/p>\n

– Increased alignment between the information reported in a Compliance Report or Self-Assessment Questionnaire and the information summarized in a Certificate of Compliance.<\/p>\n

 <\/p>\n

For a complete overview, you can refer to the summary of changes from PCI DSS v3.2.1 to v4.0, which can be found in the PCI SSC document library.<\/em><\/p>\n

\u00a0<\/strong><\/p>\n

\u00a0<\/strong><\/p>\n

 <\/p>\n

 <\/p>\n

 <\/p>","protected":false},"excerpt":{"rendered":"

What is the PCI Data Security Standard? The PCI Data Security Standard (PCI DSS) is a global standard that provides a foundation of technical and operational requirements designed to protect payment data.\u00a0 PCI DSS v 4.0 is the next evolution of the standard. What are the Objectives of PCI DSS v 4.0? 1.Continue to meet […]<\/p>","protected":false},"author":2,"featured_media":4214,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"image","meta":{"footnotes":""},"categories":[26],"tags":[],"class_list":["post-4215","post","type-post","status-publish","format-image","has-post-thumbnail","hentry","category-noticias","post_format-post-format-image"],"blocksy_meta":[],"_links":{"self":[{"href":"https:\/\/iqcol.com\/en\/wp-json\/wp\/v2\/posts\/4215","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/iqcol.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/iqcol.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/iqcol.com\/en\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/iqcol.com\/en\/wp-json\/wp\/v2\/comments?post=4215"}],"version-history":[{"count":0,"href":"https:\/\/iqcol.com\/en\/wp-json\/wp\/v2\/posts\/4215\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/iqcol.com\/en\/wp-json\/wp\/v2\/media\/4214"}],"wp:attachment":[{"href":"https:\/\/iqcol.com\/en\/wp-json\/wp\/v2\/media?parent=4215"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/iqcol.com\/en\/wp-json\/wp\/v2\/categories?post=4215"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/iqcol.com\/en\/wp-json\/wp\/v2\/tags?post=4215"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}