The latest changes across all tracked PCI resources.
This episode of Coffee with the Council is brought to you by our podcast sponsor, Feroot.
Welcome to our podcast series, Coffee with the Council. I'm Alicia …
Welcome Salesforce, a new Principal Participating Organization (PPO) at the PCI Security Standards Council! In this special spotlight edition of our PCI Perspectives Blog, Salesforce's Director of Security Compliance, James …
After 31 March 2025, superseded requirements should be marked as Not Applicable (N/A) in a Report on Compliance (ROC) or Self-Assessment Questionnaire (SAQ).
Three PCI DSS v4.x requirements include …
A provider of third-party scripts is not considered a third-party service provider (TPSP) for PCI DSS Requirements 12.8 and 12.9 as part of an entity’s assessment of the entity’s e-commerce …
PCI DSS Requirement 8.4.2 for multi-factor authentication (MFA) is not mandatory for access to in-scope system components outside of the CDE. If a user’s access to a system component can …
No. PCI DSS Requirements 8.3.9 and 8.3.10.1 do not apply to in-scope system components where multi-factor authentication (MFA) is used.
Requirements 8.3.9 and 8.3.10.1 apply if passwords/passphrases are used …
Welcome to our podcast series, Coffee with the Council. I'm Alicia Malone, Director of Communications and Public Relations for the PCI Security Standards Council. As many of our listeners …
After nearly 15 years at PCI Security Standards Council (PCI SSC), Jeremy King, Regional VP, EMEA, retires this month. In this blog, we interviewed Jeremy about his career at the …
The PCI Security Standards Council is calling on experts in the payments industry to apply to speak at the 2025 Asia-Pacific Community Meeting. The 2025 Asia-Pacific Community Meeting will …
No.
