Pci Dss v4 0 at A Glance
Pci Dss v4 0 at A Glance
Pci Dss v4 0 at A Glance
Continue to Meet the Promote Security as Add Flexibility for Enhance Validation
Security Needs of the Continuous Process Different Methodologies Methods
Payment Industry
3
Request for Comment (RFCs)
6,000+
Items of Feedback
200+
Companies Provided
On Draft Content Received Feedback
Implementation Timeline
PCI DSS v3.2.1 will remain active for two years after v4.0 is published. This provides organizations time to become
familiar with the new version, and plan for and implement the changes needed.
31 March 2025
Official Release: ISA/QSA 31 March 2024
Future-dated new
PCI DSS v4.0 with training and PCI DSS v3.2.1
requirements
validation supporting retired
become effective
documents documents
Q1 Q2 Q3 Q4 Q1 Q2 Q3 Q4 Q1 Q2 Q3 Q4 Q1 Q2
© 2022 PCI Security Standards Council LLC. The intent of this document is to provide supplemental 1
information, which does not replace or supersede PCI SSC Security Standards or their supporting documents.
March 2022
AT A GLANCE: PCI DSS v4.0
Examples:
• Expanded multi-factor authentication requirements.
• Updated password requirements.
• New e-commerce and phishing requirements to address ongoing threats.
© 2022 PCI Security Standards Council LLC. The intent of this document is to provide supplemental 2
information, which does not replace or supersede PCI SSC Security Standards or their supporting documents.
March 2022