SAQ C
Updated version published, replaces version from
Recent Updates RSS
The latest changes across all tracked PCI resources.
SAQ B-IP
Updated version published, replaces version from
SAQ B
Updated version published, replaces version from
SAQ A-EP
Updated version published, replaces version from
PCI Security Standards Council Hosts 2024 Europe Community Meeting
Sneak Peek: 2024 Asia-Pacific Community Meeting Speakers
The excitement is building as we get closer to this year’s Asia-Pacific Community Meeting! To add to the anticipation, we’re giving you a sneak peek of some of the …
Coffee with the Council Podcast: Meet the Council’s New Head of Product and Technology
Welcome to our podcast series, Coffee with the Council. I'm Alicia Malone, Senior Manager of Public Relations for the PCI Security Standards Council. Today we'll meet one of the …
When should an entity implement PCI DSS requirements noted as best practices until a future date?
Updates to PCI DSS are intended to address evolving threats in the payments ecosystem, therefore, entities are strongly encouraged to complete their transition to the most current PCI DSS version, …
Request for Comments: PCI PTS POI Modular Security Requirements v7.0
From 1 October to 1 November, eligible PCI SSC stakeholders are invited to review and provide feedback on the draft PCI PIN Transaction Security (PTS) Point of Interaction (POI) Modular …
What is meant by "At-Risk Timeframe" and at risk referenced in the Final PFI Report?
The At-Risk Timeframe refers to the period of time data elements, such as account data, were at risk for this Entity Under Investigation during the incident under investigation. A data …
PCI Security Standards Council Hosts 2024 North America Community Meeting
For PCI DSS, can multi-factor authentication (MFA) implementations indicate the success of a factor prior to presentation of subsequent factors?
Yes. PCI DSS v4.x requires the success of all authentication factors before access is granted. However, it is acceptable under PCI DSS to indicate that one factor has been successful …
Does PCI DSS Requirement 8.2.2 allow users to share authentication credentials?
Yes, but use of any shared authentication credentials such as group, shared, or generic IDs (including for administrator accounts such as admin or root) must be prevented unless needed …
PCI DSS Scoping and Segmentation Guidance for Modern Network Architectures
Version: PCI-DSS-Scoping-and-Segmentation-Guidance-for-Modern-Network-Architectures
Files: 7 files in 1 version
added
Files: 7 files in 1 version
added
New Information Supplement: PCI DSS Scoping and Segmentation Guidance for Modern Network Architectures
The PCI Security Standards Council (PCI SSC) has published a new Information Supplement: PCI DSS Scoping and Segmentation Guidance for Modern Network Architectures. This document was produced by the …