PCI Watch

Tracking changes across the Payment Card Industry
ℹ️
Reference Content: This is a copy of content from the PCI Security Standards Council blog, preserved for tracking changes over time.
View Original →

Request for Comments: PCI Data Security Standard (PCI DSS) v4.0.1

By Alicia Malone

Request for Comments: PCI Data Security Standard (PCI DSS) v4.0.1

 

From 3 June to 20 July, eligible PCI SSC stakeholders are invited to review and provide feedback on the currently published PCI Data Security Standard (PCI DSS) v4.0.1 during a six-week request for comments (RFC) period.    

The RFC will be available through the PCI SSC Portal, including instructions on how to access the documents and submit feedback. Eligible stakeholders will also receive instructions via email. As a reminder, participants are required to accept a Non-Disclosure Agreement (NDA) to download the document. Please review the RFC Process Guide for more information. 

Please note that PCI SSC can only accept comments that are submitted via the PCI SSC Portal and received within the defined RFC period.  

Background on the PCI Data Security Standard (PCI DSS) v4.0.1

PCI SSC is beginning the next iteration of PCI DSS by soliciting industry feedback on the current version PCI DSS v4.0.1, to help shape the future of the standard.

This RFC represents the opportunity for our stakeholders to share insights into how PCI DSS is being implemented, with a focus on strengths and opportunities, as we plan for the standard's evolution.

Through this RFC, stakeholders are encouraged to include specific feedback about PCI DSS evolution opportunities that can support future technology and AI innovation.

 Access the PCI SSC Portal and Provide Comments