PCI SSC Publishes New Version of DSS

The PCI Security Standards Council announced on April 28 that is has published a PCI DSS version 3.2 to replace 3.1. This version will “address growing threats to customer payment information.” Version 3.1 expires on October 31st of this year.

According to the press release, changes include the following:

  1. Revised SSL and TLS sunset dates
  2. An expanded requiremen 8.3 that includes multi-factor authentication for admins
  3. Integration of the DESV criteria, which was originally separate

You can find the full version 3.2 here. The original press release is here.

Photo credit: Annie Spratt

Related Posts

pci compliance
PCI Compliance (And Why It Really, Really Matters)
Lowering PCI Burden by Integrating Payments
What is PCI compliance, and what do I do?

Leave a Reply