PCI Watch - Tracking changes across the Payment Card Industry

❓ PCI SSC FAQs FAQ #1571 Updated 2024-02-26T22:54:00+00:00

Is the expectation that any PFI investigation initiated must result in a PFI Final Report?

Yes, a PFI Final Report is required. The expectation is that the PFI must complete the merchant?s PFI Investigation and produce the PFI Final Report, with details of adequate evidence …

❓ PCI SSC FAQs FAQ #1571 Updated 2024-02-26T22:54:00+00:00

Is the expectation that any PFI investigation initiated must result in a PFI Final Report?

Yes, a PFI Final Report is required. The expectation is that the PFI must complete the merchant’s PFI Investigation and produce the Final PFI Report, with details of adequate evidence …

❓ PCI SSC FAQs FAQ #1312 Updated 2024-02-26T22:54:00+00:00

How is an entity's PCI DSS compliance impacted by using third-party service providers (TPSPs)?

When an entity (the TPSP customer) uses one or more TPSPs for functions within or related to the customer's cardholder data environment, it will impact the customer's PCI DSS compliance, …

📣 PCI SSC Communications Blog New 2024-02-07T00:00:00+00:00

Spotlight On: PROSA, a New Principal Participating Organization

Welcome PROSA, a new Principal Participating Organization (PPO) at the PCI Security Standards Council! In this special spotlight edition of our PCI Perspectives Blog, PROSA CISO Valther Galván Ponce de …

📣 PCI SSC Communications Blog New 2024-02-06T00:00:00+00:00

AI and Payments: Exploring Pitfalls and Potential Security Risks

None of this was written by ChatGPT. But that is exactly what you would expect an AI to say, isn’t it?

more

With the rapid rise in popularity of Artificial …

📣 PCI SSC Communications Blog New 2024-02-02T00:00:00+00:00

Coffee with the Council Podcast: A Panel Discussion from Asia-Pacific Hosted by Yew Kuann Cheng

Hello everyone. Welcome to another edition of our podcast series, Coffee with the Council. Hello from very sunny Singapore. I just enjoyed my cup of coffee. Or locally we …

📣 PCI SSC Communications Press Release New 2024-01-31T15:00:15+00:00

PCI Security Standards Council Appoints Expanded Brazil Advisory Board for 2024-2025

📣 PCI SSC Communications Blog New 2024-01-31T00:00:00+00:00

PCI DSS v3.2.1 is Retiring on 31 March 2024 – Are You Ready?

With 31 March 2024 rapidly approaching, Lauren Holloway, Director, Data Security Standards, shares some key questions, answers, and resources to help entities successfully transition to PCI DSS v4.0.

more

Where …

📣 PCI SSC Communications Blog New 2024-01-24T00:00:00+00:00

Sponsor a Coffee with the Council Podcast

The PCI Security Standards Council is now offering sponsorship opportunities for its award-winning podcast series, Coffee with the Council. Established in 2022, Coffee with the Council produces monthly episodes …

❓ PCI SSC FAQs FAQ #1571 Updated 2024-01-19T21:45:00+00:00

Is the expectation that any PFI investigation initiated must result in a PFI Final Report?

Yes, a PFI Final Report is required. The expectation is that the PFI must complete the merchant’s PFI Investigation and produce the Final PFI Report, with details of adequate evidence …

❓ PCI SSC FAQs FAQ #1571 Updated 2024-01-19T21:45:00+00:00

Is the expectation that any PFI investigation initiated must result in a PFI Final Report?

Yes, a PFI Final Report is required. The expectation is that the PFI must complete the merchant?s PFI Investigation and produce the PFI Final Report, with details of adequate evidence …

❓ PCI SSC FAQs FAQ #1152 Updated 2024-01-19T21:45:00+00:00

Can entities be PCI DSS compliant if they have performed vulnerability scans at least once every three months, but do not have four "passing" scans?

PCI DSS requires entities to perform internal and external vulnerability scans at least once every three months, identify and address vulnerabilities in a timely manner, and verify through rescans that …

❓ PCI SSC FAQs FAQ #1571 Updated 2024-01-19T21:11:00+00:00

Recent Updates RSS

Is the expectation that any PFI investigation initiated must result in a PFI Final Report?

Is the expectation that any PFI investigation initiated must result in a PFI Final Report?

How is an entity's PCI DSS compliance impacted by using third-party service providers (TPSPs)?

Spotlight On: PROSA, a New Principal Participating Organization

AI and Payments: Exploring Pitfalls and Potential Security Risks

Coffee with the Council Podcast: A Panel Discussion from Asia-Pacific Hosted by Yew Kuann Cheng

PCI Security Standards Council Appoints Expanded Brazil Advisory Board for 2024-2025

PCI DSS v3.2.1 is Retiring on 31 March 2024 – Are You Ready?

Sponsor a Coffee with the Council Podcast

Is the expectation that any PFI investigation initiated must result in a PFI Final Report?

Is the expectation that any PFI investigation initiated must result in a PFI Final Report?

Can entities be PCI DSS compliant if they have performed vulnerability scans at least once every three months, but do not have four "passing" scans?

Is the expectation that any PFI investigation initiated must result in a PFI Final Report?

What is the meaning of 'initial PCI DSS assessment'?

Is the expectation that any PFI investigation initiated must result in a PFI Final Report?