PCI DSS 2.0 (Payment Card Industry Data Security Standard Version 2.0) is the second version of
the Payment
Card Industry Data Security Standard (PCI DSS). PCI DSS was first released on Oct. 26, 2010.
The third revision is due in 2014.
According to the Payment Card Industry (PCI) Security Standards Council, version 2.0 does not
introduce any major changes to the 12 requirements. Minor language adjustments were made to clarify
the meaning of the requirements. Version 2.0 reinforces the need for thorough scoping before an
assessment and promotes more effective log management. It also broadens validation requirements for
the assessment of vulnerabilities in a merchant environment. As a result, merchants can now use
industry best practices to prioritize vulnerabilities.
Contributor(s): Maggie Sullivan
This was last updated in April 2012
Email Alerts
Register now to receive SearchSecurity.com-related news, tips and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States.
Privacy
More News and Tutorials
-
You can take a phased approach to achieving PCI DSS compliance, but expert Mike Chapple says you aren't compliant until you meet all its requirements.
-
The proposed PCI DSS 3.0 standard would emphasize in-house vulnerability assessments, add password flexibility and highlight provider compliance.
-
Expert Mike Chapple details the PCI SSC's third-party processor rules and how to outsource card processing and stay PCI DSS compliant.