Barclays uses cookies on this website. Some cookies are essential to provide our services to you. Other cookies help us to analyse how you use the site, so we can improve your experience on our site. Cookies are stored locally on your computer or mobile device. Please select 'Accept all' to consent to cookies, or select ‘Reject all’ to reject all but essential cookies’, or select 'Manage cookies' to change your preferences. For more information visit our cookie policy.

PCI DSS

Helping your business stay safe

PCI DSS

Helping your business to stay safe

Get ready for the latest version of PCI DSS

The Payment Card Industry Data Security Standard (PCI DSS) is a global standard published by the PCI Security Standards Council (PCI SSC) to maintain and enforce industry best practice for cardholder data security. Following the PCI standards helps to improve cardholder data security and reduce fraud in your business.

In March 2022, the PCI SSC released the latest version of the PCI DSS, known as PCI DSS v4.0. It will replace v3.2.1 on 31 March 2024. From that date, you’ll need to meet the requirements set out in the new standard. Depending on how you take payments from your customers, the changes may impact you in different ways.

It’s an industry-wide directive – so whoever you take payments with, these changes will apply. If you have any questions, take a look at our FAQs page.

Key dates to keep your eye on

Key dates

Here are the key dates to remember. You can get ahead by following these best practice recommendations.

16 January 2024

V4.0 will be live on the Data Security Manager (DSM) compliance portal. If you’ve already started the compliance process on v3.2.1 and haven’t completed the attestation by this date, your progress will be transferred over to v4.0 for you to complete the compliance process on the new version.

31 March 2024

If you use a third party provider to attest your compliance, this is the last date you can upload your v3.2.1 attestation of compliance to the DSM portal. Anything uploaded after this date will need to meet v4.0 requirements.

31 March 2025

Any best practice measures must become mandatory in your business and form part of your overall compliance assessment.