Article

PCI SSC finalizes PCI DSS 2.0

Robert Westervelt, News Director

The Payment Card Industry Security Standards Council (PCI SSC) issued version 2.0 of the Payment Card Industry Data Security Standards (PCI DSS) this week, making widely available the new document, which contains 12 minor changes.

PCI DSS 2.0

    Requires Free Membership to View

takes effect on Jan. 1, but merchants won't have to become fully compliant with the new version until Dec. 31, 2011. The release of PCI DSS 2.0 also begins a new three-year lifecycle of the development cycle. The document won't undergo any further changes until 2014.

The updated standards don't introduce any major requirements, according to the council. Most of the PCI changes (.pdf) are minor language adjustments to clarify the meaning of the requirements. The changes reinforce the need for thorough scoping prior to an assessment and promote more effective log management. Other changes broaden validation requirements for the assessment of vulnerabilities in a merchant environment, giving merchants the ability to use industry best practices to prioritize vulnerabilities.

The new document also closely aligns PCI DSS with the Payment Application Data Security Standards (PA DSS).

In this interview, Jeremy King, the European director of the PCI SSC discusses the changes in more detail and where the industry is headed.

Play now:

You must have Adobe Flash Player 7 or above to view this content.See http://www.adobe.com/products/flashplayer to download now.
Download for later:

PCI DSS 2.0 Finalized
• Internet Explorer: Right Click > Save Target As
• Firefox: Right Click > Save Link As

PCI DSS 2.0: PCI assessment changes explained
PCI DSS expert Ed Moyle explains how the changes in PCI DSS 2.0 will affect companies during the PCI assessment process.

PCI 2.0 guide: How have PCI compliance requirements changed?
In this PCI 2.0 learning guide, you will learn how the PCI compliance requirements have changed, if those changes have improved the standard and how the changes will affect your environment.


There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: