{"id":194,"date":"2024-03-08T14:22:00","date_gmt":"2024-03-08T14:22:00","guid":{"rendered":"https:\/\/3bdatasecurity.com\/3bds-blog\/?p=194"},"modified":"2024-11-06T16:47:44","modified_gmt":"2024-11-06T16:47:44","slug":"what-you-need-to-know-about-the-approaching-pci-dss-deadline","status":"publish","type":"post","link":"https:\/\/3bdatasecurity.com\/3bds-blog\/what-you-need-to-know-about-the-approaching-pci-dss-deadline\/","title":{"rendered":"PCI DSS Deadline Approaching &#8211; What You Need to Know"},"content":{"rendered":"\n<p>PCI DSS Version 3.2.1 is scheduled to retire on the&nbsp;<strong>31st of March 2024<\/strong>, with Version 4.0 set to take its place.<\/p>\n\n\n\n<p>If your PCI compliance date falls after 1st April 2024, then you will need to complete an assessment against version 4.0 of the standard. Full adherence with the standard is expected by 31 March 2025.<\/p>\n\n\n\n<p>Failure to do so could result in potential penalties, fines, or disruption to card transactions. Non-compliance also poses risks of data breaches, which can have serious consequences for your business reputation and customer trust.<\/p>\n\n\n\n<p>It&#8217;s important to note that achieving certification for Version 4.0 will require more effort and time compared to previous versions. It&#8217;s not a simple repeat of last year&#8217;s process; there are new requirements and complexities to navigate. If your organisation is due to recertify soon, you\u2019ll need to start looking at the process now.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>New PCI Version 4.0 Requirements<\/strong><\/h3>\n\n\n\n<p>There are some new requirements to deal with, and this standard takes a slightly different approach to them: many are marked as \u201cBest Practice until 31<sup>st<\/sup>&nbsp;March 2025\u201d. 
In previous versions, these were described as \u201cFuture dated\u201d, but because of that wording they were often left until the last minute (or later) to implement.<\/p>\n\n\n\n<p>Version 4.0 places a greater emphasis on security and risk management, requiring organisations to implement more robust security measures. This may include stricter controls around authentication, encryption, and monitoring, which could pose challenges for organisations in terms of implementation and ongoing maintenance.<\/p>\n\n\n\n<p>Third-party security receives more focus too, and v4.0 introduces new requirements for assessing and managing the security of third-party service providers. Organisations must ensure that third-party vendors comply with PCI DSS requirements and adequately protect cardholder data. This may involve conducting more thorough assessments, implementing stricter contractual obligations, and enhancing oversight of third-party relationships.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>Version 4.0 Challenges<\/strong><\/h3>\n\n\n\n<p>There are some new technical challenges in store too, with a requirement to implement a means of monitoring all scripts that are running on ecommerce websites. An inventory of scripts must be maintained, with a justification statement completed for each one. The scripts must be authorised, and the integrity of each script must be maintained too. This will pose a challenge to some, but it goes a long way towards helping to address a known security flaw.<\/p>\n\n\n\n<p>One of the other significant changes is to ensure that for every policy or procedure in place, the roles and responsibilities for managing the items covered are clear. 
In fact, this requirement crops up in every section of the new standard.<\/p>\n\n\n\n<p>There are too many individual changes to call out here, but the PCI Council have put together a useful guide, which can be downloaded for free here:<\/p>\n\n\n\n<p>https:\/\/docs-prv.pcisecuritystandards.org\/PCI%20DSS\/Standard\/PCI-DSS-v3-2-1-to-v4-0-Summary-of-Changes-r2.pdf<\/p>\n\n\n\n<p>While transitions can be daunting, please know that the team at 3B Data Security are here to support you every step of the way. Our team of QSAs have been working in the payment card industry for over 25 years and can help ensure your PCI transition is hassle-free.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>PCI DSS Version 3.2.1 is scheduled to retire on the\u00a031st of March 2024, with Version 4.0 set to take its place.<br \/>\nIf your PCI compliance date falls after 1st April 2024, then you will need to complete an assessment against version 4.0 of the standard. 
Full adherence with the standard is expected by 31 March 2025.<\/p>\n","protected":false},"author":5,"featured_media":282,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[13,10],"tags":[12,11],"class_list":["post-194","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-compliance","category-pci-dss","tag-compliance","tag-pci-dss"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v26.3 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>PCI DSS Deadline Approaching, What You Need to Know<\/title>\n<meta name=\"description\" content=\"Get ready for PCI DSS 4.0. We tell you the essential updates, compliance deadlines, with expert guidance to avoid fines and protect your data.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/3bdatasecurity.com\/3bds-blog\/what-you-need-to-know-about-the-approaching-pci-dss-deadline\/\" \/>\n<meta property=\"og:locale\" content=\"en_GB\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"PCI DSS Deadline Approaching, What You Need to Know\" \/>\n<meta property=\"og:description\" content=\"Get ready for PCI DSS 4.0. 
We tell you the essential updates, compliance deadlines, with expert guidance to avoid fines and protect your data.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/3bdatasecurity.com\/3bds-blog\/what-you-need-to-know-about-the-approaching-pci-dss-deadline\/\" \/>\n<meta property=\"og:site_name\" content=\"3B Data Security Blog\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/3BDSLtd\/\" \/>\n<meta property=\"article:published_time\" content=\"2024-03-08T14:22:00+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-11-06T16:47:44+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/3bdatasecurity.com\/3bds-blog\/wp-content\/uploads\/2024\/03\/Blog-Featured-Image.png\" \/>\n\t<meta property=\"og:image:width\" content=\"2000\" \/>\n\t<meta property=\"og:image:height\" content=\"600\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Annabelle Ilsley\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@3bData\" \/>\n<meta name=\"twitter:site\" content=\"@3bData\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Annabelle Ilsley\" \/>\n\t<meta name=\"twitter:label2\" content=\"Estimated reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/3bdatasecurity.com\/3bds-blog\/what-you-need-to-know-about-the-approaching-pci-dss-deadline\/\",\"url\":\"https:\/\/3bdatasecurity.com\/3bds-blog\/what-you-need-to-know-about-the-approaching-pci-dss-deadline\/\",\"name\":\"PCI DSS Deadline Approaching, What You Need to 
Know\",\"isPartOf\":{\"@id\":\"https:\/\/3bdatasecurity.com\/3bds-blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/3bdatasecurity.com\/3bds-blog\/what-you-need-to-know-about-the-approaching-pci-dss-deadline\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/3bdatasecurity.com\/3bds-blog\/what-you-need-to-know-about-the-approaching-pci-dss-deadline\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/3bdatasecurity.com\/3bds-blog\/wp-content\/uploads\/2024\/03\/Blog-Featured-Image.png\",\"datePublished\":\"2024-03-08T14:22:00+00:00\",\"dateModified\":\"2024-11-06T16:47:44+00:00\",\"author\":{\"@id\":\"https:\/\/3bdatasecurity.com\/3bds-blog\/#\/schema\/person\/f979fb9a97552f3b19fcb5a9b61349a6\"},\"description\":\"Get ready for PCI DSS 4.0. We tell you the essential updates, compliance deadlines, with expert guidance to avoid fines and protect your data.\",\"breadcrumb\":{\"@id\":\"https:\/\/3bdatasecurity.com\/3bds-blog\/what-you-need-to-know-about-the-approaching-pci-dss-deadline\/#breadcrumb\"},\"inLanguage\":\"en-GB\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/3bdatasecurity.com\/3bds-blog\/what-you-need-to-know-about-the-approaching-pci-dss-deadline\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\/\/3bdatasecurity.com\/3bds-blog\/what-you-need-to-know-about-the-approaching-pci-dss-deadline\/#primaryimage\",\"url\":\"https:\/\/3bdatasecurity.com\/3bds-blog\/wp-content\/uploads\/2024\/03\/Blog-Featured-Image.png\",\"contentUrl\":\"https:\/\/3bdatasecurity.com\/3bds-blog\/wp-content\/uploads\/2024\/03\/Blog-Featured-Image.png\",\"width\":2000,\"height\":600,\"caption\":\"PCI DSS 
changes\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/3bdatasecurity.com\/3bds-blog\/what-you-need-to-know-about-the-approaching-pci-dss-deadline\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/3bdatasecurity.com\/3bds-blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"PCI DSS Deadline Approaching &#8211; What You Need to Know\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/3bdatasecurity.com\/3bds-blog\/#website\",\"url\":\"https:\/\/3bdatasecurity.com\/3bds-blog\/\",\"name\":\"3B Data Security Blog\",\"description\":\"News and Updates from 3B Data Security\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/3bdatasecurity.com\/3bds-blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-GB\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/3bdatasecurity.com\/3bds-blog\/#\/schema\/person\/f979fb9a97552f3b19fcb5a9b61349a6\",\"name\":\"Annabelle Ilsley\",\"url\":\"https:\/\/3bdatasecurity.com\/3bds-blog\/author\/ag3bds\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"PCI DSS Deadline Approaching, What You Need to Know","description":"Get ready for PCI DSS 4.0. We tell you the essential updates, compliance deadlines, with expert guidance to avoid fines and protect your data.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/3bdatasecurity.com\/3bds-blog\/what-you-need-to-know-about-the-approaching-pci-dss-deadline\/","og_locale":"en_GB","og_type":"article","og_title":"PCI DSS Deadline Approaching, What You Need to Know","og_description":"Get ready for PCI DSS 4.0. 
We tell you the essential updates, compliance deadlines, with expert guidance to avoid fines and protect your data.","og_url":"https:\/\/3bdatasecurity.com\/3bds-blog\/what-you-need-to-know-about-the-approaching-pci-dss-deadline\/","og_site_name":"3B Data Security Blog","article_publisher":"https:\/\/www.facebook.com\/3BDSLtd\/","article_published_time":"2024-03-08T14:22:00+00:00","article_modified_time":"2024-11-06T16:47:44+00:00","og_image":[{"width":2000,"height":600,"url":"https:\/\/3bdatasecurity.com\/3bds-blog\/wp-content\/uploads\/2024\/03\/Blog-Featured-Image.png","type":"image\/png"}],"author":"Annabelle Ilsley","twitter_card":"summary_large_image","twitter_creator":"@3bData","twitter_site":"@3bData","twitter_misc":{"Written by":"Annabelle Ilsley","Estimated reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/3bdatasecurity.com\/3bds-blog\/what-you-need-to-know-about-the-approaching-pci-dss-deadline\/","url":"https:\/\/3bdatasecurity.com\/3bds-blog\/what-you-need-to-know-about-the-approaching-pci-dss-deadline\/","name":"PCI DSS Deadline Approaching, What You Need to Know","isPartOf":{"@id":"https:\/\/3bdatasecurity.com\/3bds-blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/3bdatasecurity.com\/3bds-blog\/what-you-need-to-know-about-the-approaching-pci-dss-deadline\/#primaryimage"},"image":{"@id":"https:\/\/3bdatasecurity.com\/3bds-blog\/what-you-need-to-know-about-the-approaching-pci-dss-deadline\/#primaryimage"},"thumbnailUrl":"https:\/\/3bdatasecurity.com\/3bds-blog\/wp-content\/uploads\/2024\/03\/Blog-Featured-Image.png","datePublished":"2024-03-08T14:22:00+00:00","dateModified":"2024-11-06T16:47:44+00:00","author":{"@id":"https:\/\/3bdatasecurity.com\/3bds-blog\/#\/schema\/person\/f979fb9a97552f3b19fcb5a9b61349a6"},"description":"Get ready for PCI DSS 4.0. 
We tell you the essential updates, compliance deadlines, with expert guidance to avoid fines and protect your data.","breadcrumb":{"@id":"https:\/\/3bdatasecurity.com\/3bds-blog\/what-you-need-to-know-about-the-approaching-pci-dss-deadline\/#breadcrumb"},"inLanguage":"en-GB","potentialAction":[{"@type":"ReadAction","target":["https:\/\/3bdatasecurity.com\/3bds-blog\/what-you-need-to-know-about-the-approaching-pci-dss-deadline\/"]}]},{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/3bdatasecurity.com\/3bds-blog\/what-you-need-to-know-about-the-approaching-pci-dss-deadline\/#primaryimage","url":"https:\/\/3bdatasecurity.com\/3bds-blog\/wp-content\/uploads\/2024\/03\/Blog-Featured-Image.png","contentUrl":"https:\/\/3bdatasecurity.com\/3bds-blog\/wp-content\/uploads\/2024\/03\/Blog-Featured-Image.png","width":2000,"height":600,"caption":"PCI DSS changes"},{"@type":"BreadcrumbList","@id":"https:\/\/3bdatasecurity.com\/3bds-blog\/what-you-need-to-know-about-the-approaching-pci-dss-deadline\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/3bdatasecurity.com\/3bds-blog\/"},{"@type":"ListItem","position":2,"name":"PCI DSS Deadline Approaching &#8211; What You Need to Know"}]},{"@type":"WebSite","@id":"https:\/\/3bdatasecurity.com\/3bds-blog\/#website","url":"https:\/\/3bdatasecurity.com\/3bds-blog\/","name":"3B Data Security Blog","description":"News and Updates from 3B Data Security","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/3bdatasecurity.com\/3bds-blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-GB"},{"@type":"Person","@id":"https:\/\/3bdatasecurity.com\/3bds-blog\/#\/schema\/person\/f979fb9a97552f3b19fcb5a9b61349a6","name":"Annabelle 
Ilsley","url":"https:\/\/3bdatasecurity.com\/3bds-blog\/author\/ag3bds\/"}]}},"_links":{"self":[{"href":"https:\/\/3bdatasecurity.com\/3bds-blog\/wp-json\/wp\/v2\/posts\/194","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/3bdatasecurity.com\/3bds-blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/3bdatasecurity.com\/3bds-blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/3bdatasecurity.com\/3bds-blog\/wp-json\/wp\/v2\/users\/5"}],"replies":[{"embeddable":true,"href":"https:\/\/3bdatasecurity.com\/3bds-blog\/wp-json\/wp\/v2\/comments?post=194"}],"version-history":[{"count":5,"href":"https:\/\/3bdatasecurity.com\/3bds-blog\/wp-json\/wp\/v2\/posts\/194\/revisions"}],"predecessor-version":[{"id":548,"href":"https:\/\/3bdatasecurity.com\/3bds-blog\/wp-json\/wp\/v2\/posts\/194\/revisions\/548"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/3bdatasecurity.com\/3bds-blog\/wp-json\/wp\/v2\/media\/282"}],"wp:attachment":[{"href":"https:\/\/3bdatasecurity.com\/3bds-blog\/wp-json\/wp\/v2\/media?parent=194"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/3bdatasecurity.com\/3bds-blog\/wp-json\/wp\/v2\/categories?post=194"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/3bdatasecurity.com\/3bds-blog\/wp-json\/wp\/v2\/tags?post=194"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}