Blog

PCI DSS 4.0 is Open for Discussion

April 26, 2022

The PCI Data Security Standard (PCI DSS) is a global standard of technical and operational requirements for merchants and service providers who collect, process, or store cardholder data. The next evolution of the PCI DSS,  version 4.0, is emerging. 

The new version adds significant complexity to the PCI DSS compliance process, according to experts. Not necessarily good news for the merchants mentioned above and service providers.  

The Answers You Need About PCI DSS Version 4 

For the latest updates and analysis of PCI DSS version 4, join our PCI guru, Jeff Hall, and the PCI Dream Team for a Q&A session on Thursday, April 28th at 1 PM ET to discuss everything PCI! 

The team will discuss the latest PCI trends and analyze the unique issues faced by the industry. Bring your questions. The PCI Dream Team will be taking them to live! 

PCI DSS 4.0 Compliance Program 

Any organization that uses and handles consumer credit or debit payment information must comply with Payment Card Industry Data Security Standard. This standard covers technical and operational practices for handling cardholder data. To prepare yourself and your organization, it’s essential to look ahead to this new version of PCI DSS. 

PCI DSS 3.2.1 to PCI DSS 4.0 

Merchants: 

As a general rule, if you don’t need to process or store sensitive cardholder data, don’t. If you have already eliminated SAD and PAN from your information management system, you should have a relatively smooth transition from 3.2.1 to 4.0. 

Service Providers: 

Start by contacting Truvantis regarding a gap analysis, risk assessment, and scope reduction against the new PCI DSS 4.0 requirements. 

Get Started on PCI DSS Compliance with Truvantis 

PCI DSS compliance can be expensive. You can reduce effort and cost by relying on a trusted vendor to deal with it for you. Let them deal with compliance so you can invest in your business.  

PCI DSS v4 will become auditable after QSA training and certification, expected around June 2022. We expect organizations to start going for v4 assessments in the second half of 2023. 

Truvantis is available to consult, implement, and manage your PCI compliance program. Whether you're looking for help achieving PCI DSS compliance or need verification by a Qualified Security Assessor (QSA), Truvantis can help. 

Contact us about PCI DSS Compliance.  

Related Articles By Topic

PCI DSS

Contact Us
Ask us about planning your PCI DSS 4.0 transition
Schedule a call
Contact Us

Recent Articles

Truvantis - Cybersecurity Maturity - One Size Does Not Fit All
PCI DSS, CIS Controls, Security Program, Privacy, ISO27001
Cybersecurity Maturity - One Size Does Not Fit All – Rick Folkerts

It's common knowledge that enterprise organizations need effective security, privacy and compliance programs to survive and grow. There are a handful of generic best practices but beyond that, cybersecurity programs must be tailored to...

Read more
The Silver Bullet Defense to Ransomware – by Andy Cottrell
Ransomware
The Silver Bullet Defense to Ransomware – by Andy Cottrell

In an era of cost-cutting, downsizing and generally insufficient budgets for everything, we are often asked, what is the one, main thing to do to protect against a ransomware attack? According to Statista, in 2022, there were 493.33 mi...

Read more
Cryptographic Agility – by Jeff Hall (the ’PCI Guru’)
Security Program
Cryptographic Agility – by Jeff Hall (the ’PCI Guru’)

With the advent of quantum computing, a new threat has been added to the information security mix. The threat is today’s secure cryptography may not be secure once quantum computers reach their potential. The threat to cryptography has...

Read more

info@truvantis.com

+1 (415) 422-9844

    © 2022 Truvantis, Inc All Rights Reserved.

    Privacy Policy    Terms of Service