PCI Watch

❓ PCI SSC FAQs FAQ #1585 New 2024-10-03T14:25:01+00:00

When should an entity implement PCI DSS requirements noted as best practices until a future date?

Updates to PCI DSS are intended to address evolving threats in the payments ecosystem, therefore, entities are strongly encouraged to complete their transition to the most current PCI DSS version, …

❓ PCI SSC FAQs FAQ #1448 Updated 2024-09-23T16:16:39+00:00

What is meant by "At-Risk Timeframe" and at risk referenced in the Final PFI Report?

The At-Risk Timeframe refers to the period of time data elements, such as account data, were at risk for this Entity Under Investigation during the incident under investigation. A data …

❓ PCI SSC FAQs FAQ #1584 New 2024-09-09T14:52:08+00:00

For PCI DSS, can multi-factor authentication (MFA) implementations indicate the success of a factor prior to presentation of subsequent factors?

Yes. PCI DSS v4.x requires the success of all authentication factors before access is granted. However, it is acceptable under PCI DSS to indicate that one factor has been successful …

❓ PCI SSC FAQs FAQ #1080 Updated 2024-09-09T10:45:48+00:00

Recent Updates

When should an entity implement PCI DSS requirements noted as best practices until a future date?

What is meant by "At-Risk Timeframe" and at risk referenced in the Final PFI Report?

For PCI DSS, can multi-factor authentication (MFA) implementations indicate the success of a factor prior to presentation of subsequent factors?

Does PCI DSS Requirement 8.2.2 allow users to share authentication credentials?

PCI DSS Scoping and Segmentation Guidance for Modern Network Architectures

P2PE Product AOV

P2PE Change Impact Template

ROC Template Summary of Changes

ROC Template Summary of Changes

ROC Template Summary of Changes

ROC Template Summary of Changes

ROC Template Summary of Changes

ROC Template Summary of Changes

ROC Template Summary of Changes

ROC Template Summary of Changes