Tag Archives: PCI DSS v4.0

Keeping Track of PCI DSS v4.0

UPDATED AS OF JULY 2021 UPDATE: New Blog on PCI DSS 4.0 Get updates on the status on PCI DSS review of the 2019 RFC comments, when the final version of PCI DSS is planned to be completed, timing of the next request for comments (RFC), and information about the RFC feedback they received.

PCI DSS v3.1 Coming – SSL No Longer Considered Strong Cryptography

SSL No Longer Considered Strong Cryptography Author: Viviana Wesley, PCI QSA In a recent bulletin the Payment Card Industry Security Standards Council (PCI SSC) stated that updates will be forthcoming to the Data Security Standard (DSS) version 3.0 – and very soon.  The change is related to vulnerabilities seen with Secure Socket Layer (SSL) cryptography.

PCI and Third Party Security Assurance: The PCI Council’s Guidance Summarized

Author: Viviana Wesley, PCI QSA Some recent breaches of cardholder data have been the direct result of a successful compromise of a trusted third party to the breached entity. For example, a factor in the well-publicized breach at Target may have been compromised credentials of a trusted service provider with access to the Target internal […]

The PCI Security Standards Council has released a new Information supplement for PCI DSS Risk Assessment Guidelines.

The PCI Security Standards Council has released a new Information supplement for PCI DSS Risk Assessment Guidelines. Organizations planning and performing a risk assessment in accordance with PCI DSS 12.1.2 can use the information supplement to help identify threats and the associated vulnerabilities that could jeopardize the security of payment card data.