PCI Watch - Tracking changes across the Payment Card Industry

📣 PCI SSC Communications Blog New 2026-02-02T18:08:07+00:00

The AI Exchange: Innovators in Payment Security Featuring Soft Space

Welcome to the PCI Security Standards Council’s blog series, The AI Exchange: Innovators in Payment Security. This special, ongoing feature of our PCI Perspectives blog offers a resource for …

📣 PCI SSC Communications Blog New 2026-01-29T16:14:59+00:00

PCI Security Standards Council Publishes First-Ever Annual Report

The PCI Security Standards Council (PCI SSC) announced the release of its inaugural Annual Report, marking a significant milestone in the Council’s nearly 20-year history of advancing global payment …

📣 PCI SSC Communications Press Release New 2026-01-29T13:31:22+00:00

PCI Security Standards Council Publishes First-Ever Annual Report Highlighting Global Progress in Payment Security

📘 PCI SSC Document Library P2PE Updated 2026-01-29T08:00:00+00:00

P2PE v3.x Technical FAQs

Version: PCI-P2PE-v3.x-Technical-FAQs-29Jan2026
Files: 5 files in 5 versions
PCI-P2PE-v3.x-Technical-FAQs-29Jan2026 added

📣 PCI SSC Communications Blog New 2026-01-28T16:45:55+00:00

Coffee with the Council Podcast: PCI SSC Releases Version 2.0 of the PCI Secure Software Standard

Welcome to our podcast series, Coffee with the Council. I'm Alicia Malone, Director of Communications and Public Relations for the PCI Security Standards Council. Well, happy new year …

📣 PCI SSC Communications Press Release New 2026-01-28T12:58:52+00:00

PCI Security Standards Council Appoints Brazil Advisory Board for 2026-2027

❓ PCI SSC FAQs FAQ #1223 Deleted 2026-01-21T15:01:10.141934+00:00

Does PCI DSS, PA-DSS, or PTS apply to ATMs?

PCI DSS applies to entities involved in payment card processing or that otherwise store, process, or transmit cardholder data; the Payment Application Data Security Standard (PA-DSS) applies to payment applications …

❓ PCI SSC FAQs FAQ #1052 Deleted 2026-01-21T15:01:10.141934+00:00

Can a payment application that implements the same cryptographic keys across multiple installations be PA-DSS compliant?

No. If cryptographic keys are provided by the application vendor as part of the application, the keys must be unique to each customer or installation. An application that requires the …

❓ PCI SSC FAQs FAQ #1053 Deleted 2026-01-21T15:01:10.141934+00:00

Can a payment application that uses cryptographic keys hard-coded by the vendor be PA-DSS compliant if they cannot be changed by the customer?

No. In order to meet PA-DSS and PCI DSS requirements, the payment application must facilitate the customers' ability to perform key changes periodically and as required by the customer in …

❓ PCI SSC FAQs FAQ #1041 Deleted 2026-01-21T15:01:10.141934+00:00

What is the scope of a PCI DSS assessment for a network that is not segmented?

Without proper network segmentation to isolate the systems that store, process or transmit cardholder data from those that do not, all system components in that network are considered part of …

❓ PCI SSC FAQs FAQ #1196 Deleted 2026-01-21T15:01:10.141934+00:00

If I am deemed PCI DSS compliant today by one of the payment card brands, will the other brands in the PCI Security Standards Council recognize this designation of compliance and if so, what information must be put forth to achieve such recognition?

Since the individual payment brands are responsible for their own PCI DSS compliance programs, organizations should follow each brand's specific compliance processes and procedures.

❓ PCI SSC FAQs FAQ #1040 Deleted 2026-01-21T14:03:10.147292+00:00

Is it required that all of a company's sites, even those located in other countries, must be included in the company's PCI DSS review?

The PCI DSS is a global standard and is applicable to all entities that process, transmit or store cardholder data regardless of geographic location. Each payment brand manages their PCI …

❓ PCI SSC FAQs FAQ #1435 Updated 2026-01-21T10:54:20+00:00

Recent Updates RSS