Latest changes to PCI SSC frequently asked questions.
For more information about multi-factor authentication, refer to the Information Supplement: Authentication Guidance, available under Guidance Document in the PCI SSC Document Library. Our document library can be accessed …
For more information about multi-factor authentication, refer to the Information Supplement: Authentication Guidance, available under Guidance Document in the PCI SSC Document Library. Our document library can be accessed …
One-way hashing is a method that can be used to render PAN unreadable in storage. The hashing process and results, as well as the system(s) that perform the hashing, are …
The Prioritized Approach Tool for PCI DSS v3.2 includes an update to the built-in formulas to remove “N/A” (Not Applicable) responses from the Percent Complete calculation. Previously, a response of …
The term “two-factor” was replaced with the term “multi-factor” in several requirements in PCI DSS v3.2 (Requirements 8.3, 8.3.1, 8.3.2, and 8.5.1). The intent of this change was to use …
The current version of PA-DSS is v3.2. Effective 1 September 2016, all new payment applications must be validated using PA-DSS v3.2.
New payment application validations and High Impact Changes …
No. There are no PCI DSS requirements that apply to manual imprinters (also known as “zip-zap” and “knuckle-buster” machines). They are not card reading devices as defined in Requirement 9.9, …
PCI DSS Requirement 9.1.1 addresses the need for video cameras and/or access control mechanisms to monitor individual physical access to sensitive areas. “Sensitive areas” refers to any data center, server …
The intent of PCI DSS requirement 10 is to ensure organizations have the necessary logs in place to provide an accurate and unaltered record of what has taken place within …
PCI DSS is the standard for merchants and service providers to protect cardholder data. The PA-DSS and PTS device security requirements support the overall implementation of PCI DSS by allowing …
