PCI Data Security Standards Change Summary

On January 1, 2014, a new set of PCI Data Security Standards (DSS) changes were implemented, resulting in PCI DSS version 3.0, which replaces the prior version (2.0) of standards.

Banks, merchants and credit card processors are now required to meet these new requirements. Although the standards are currently effective, companies have until the end of the year to come into compliance with these new rules. To help clients, prospects and others in the transition process we have provided a summary of key changes to be aware of.

[table id=3 /]

General Changes

  • Updated language in requirements and/or corresponding testing procedures for alignment and consistency.
  • Separated complex requirements / testing procedures for clarity and removed redundant or overlapping testing procedures.
  • Enhanced testing procedures to clarify level of validation expected for each requirement.
  • New column to describe the intent of each requirement, with content derived from the former Navigating PCI DSS guidance document. The guidance in this column is intended to assist understanding of the requirements and does not replace or extend the PCI DSS Requirements and Testing Procedures.

Download a comprehensive list of PCI data security changes.

Was this helpful? Share to your network.

Article Category: