On March 31, 2022, the PCI Security Standards Council (PCI SSC) published version 4.0 of PCI DSS - the most comprehensive update of the security standard for credit card data ever. Things are now getting serious for companies requiring certification: as of March 31, 2024, PCI DSS v4.0 will completely replace the previous version 3.2.1. What you need to know and how you can prepare for the changeover to PCI DSS v4.0, we summarize for you in this article
PCI DSS v4.0: Dates at a glance
As a reminder, these are the key dates for PCI DSS v4.0 implementation:
31 March 2022
Release of PCI DSS v4.0
31 March 2022 until 31 March 2024
Transition period: During this period, assessments may be performed against PCI DSS v3.2.1 or v4.0.
31 March 2024
Expiration of PCI DSS v3.2.1, after which v4.0 certifications must be performed.
31 March 2025
As of this date, new, future-dated requirements of PCI DSS v4.0 must be implemented.
What's new in PCI DSS v4.0?
Our experts have summarized the new requirements of PCI DSS v4.0 for you in webinars and blog posts. We will continue to keep you up to date on further innovations.
The most important changes at a glance:
Webinar recordings (on YouTube):
We take the next steps with you
Aligning and thus further developing existing processes based on the requirements of PCI DSS v4.0 usually requires a well thought-out implementation project. This is how we support you:
Overview of the new requirements
We present the new requirements for your company in an initial workshop. Together, we create an overview of the PCI DSS v4.0 requirements relevant to you and present known challenges and best practices.
Evaluate requirements for your company
As part of a gap analysis, we review all certification-relevant IT systems, existing documentation and current processes for their compliance with PCI DSS v4.0. Identified deviations are documented in the form of a catalog of measures and discussed with you.
Is your PCI DSS v3.2.1 certification coming up? Our experts will be happy to perform the gap analysis alongside your audit.
Plan & implement measures
We do not leave you alone after the gap analysis. Our auditors will work with you to create an individual roadmap. Based on the results of your gap analysis, we will develop concrete packages of measures with corresponding tickets, and we will closely support you in their implementation.
Certification against PCI DSS v4.0
You are ready. After successful implementation, we will accompany you, as usual, as your auditor in confirming your compliance with PCI DSS.
Do you have questions or need support?
usd Technical Sales Consultant,
PCI Professional
Our PCI experts will guide you to your certification and support you in the transition to PCI DSS v4.0. Contact us, we will be happy to help.
