Get ready for the latest version of PCI DSS
The Payment Card Industry Data Security Standard (PCI DSS) is a global standard published by the PCI Security Standards Council (PCI SSC) to maintain and enforce industry best practice for cardholder data security. Following the PCI standards helps to improve cardholder data security and reduce fraud in your business.
In March 2022, the PCI SSC released the latest version of the PCI DSS, known as PCI DSS v4.0. It will replace v3.2.1 on 31 March 2024. From that date, you’ll need to meet the requirements set out in the new standard. Depending on how you take payments from your customers, the changes may impact you in different ways.
It’s an industry-wide directive – so whoever you take payments with, these changes will apply. If you have any questions, take a look at our FAQs page.
Key dates to keep your eye on
Here are the key dates to remember. You can get ahead by following these best practice recommendations.
16 January 2024
V4.0 will be live on the Data Security Manager (DSM) compliance portal. If you’ve already started the compliance process on v3.2.1 and haven’t completed the attestation by this date, your progress will be transferred over to v4.0 for you to complete the compliance process on the new version.
31 March 2024
If you use a third-party provider to attest your compliance, this is the last date you can upload your v3.2.1 attestation of compliance to the DSM portal. Anything uploaded after this date will need to meet v4.0 requirements.
31 March 2025
Any best practice measures must become mandatory in your business and form part of your overall compliance assessment.