The PCI Security Standards Council announced on April 28 that is has published a PCI DSS version 3.2 to replace 3.1. This version will “address growing threats to customer payment information.” Version 3.1 expires on October 31st of this year.
According to the press release, changes include the following:
- Revised SSL and TLS sunset dates
- An expanded requiremen 8.3 that includes multi-factor authentication for admins
- Integration of the DESV criteria, which was originally separate
Photo credit: Annie Spratt