PCI DSS 4.0.1 Update

Assessments

PCI DSS 4.0.1 is public as of June 11, 2024, about two years and three months after the initial release of PCI DSS 4.0. Minor updates like this after such a major overhaul are expected, especially as all of you get your hands on the documents and start using them in assessments.

The update, which is available in the PCI Security Standards Document Library, contains mostly cosmetic changes that further align language introduced in...

iFrames and PCI DSS 4.0 (including SAQ A)

Assessments

PCI DSS compliance dates are fast approaching, and we are a little more than a year away from the SAQ A iFrame changes that many merchants and service providers will need to deal with. iFrames used to be the primary escape hatch that companies would use to avoid bringing vast parts of their websites into scope for PCI DSS, but this has now changed.

In our example, let’s assume the parent site is store.com, and...

Get Ready for your PCI DSS 4.0 Gap Assessment

Assessments

It’s that time of the year (or at least it was) when we earnestly weigh pushing tasks to next year, with a focus on what might be coming across our task lists. And perhaps you are looking at that PCI DSS 4.0 gap assessment as something to get done prior to 2024 budgeting season.

Early in the year might be the best time to do this gap assessment. If your QSA or consulting firm is...