PCI Security Standards Council Publishes Minor Revision to PCI Data Security Standard
Today the PCI Security Standards Council (PCI SSC) published a minor revision to the PCI Data Security Standard (PCI DSS), which businesses around the world use to safeguard payment card data before, during and after a purchase is made. PCI DSS version 3.2.1 replaces version 3.2 to account for effective dates and Secure Socket Layer (SSL)/early Transport Layer Security (TLS) migration deadlines that have passed. No new requirements are added in PCI DSS v3.2.1. PCI DSS v3.2 remains valid through 31 December 2018 and will be retired as of 1 January 2019.
“This update is designed to eliminate any confusion around effective dates for PCI DSS requirements introduced in v3.2, as well as the migration dates for SSL/early TLS,” said PCI SSC Chief Technology Officer Troy Leach. “It is critically important that organizations disable SSL/early TLS and upgrade to a secure alternative to safeguard their payment data.”
The minor changes in PCI DSS v3.2.1 reflect how existing requirements are affected once the effective dates and SSL/TLS migration deadlines have passed so that organizations can accurately report how their implementations meet these existing requirements after 30 June. Specifically, the changes include:
- Removal of notes referring to an effective date of 1 February 2018 for applicable requirements, as this date has passed.
- Updates to applicable requirements and Appendix A2 to reflect that only POS POI (point of sale point of interaction) terminals and their service provider connection points may continue using SSL/early TLS as a security control after 30 June 2018.
- Removal of multi-factor authentication (MFA) from the compensating control example in Appendix B, as MFA is now required for all non-console administrative access; addition of one-time passwords as an alternative potential control for this scenario.
The updates in PCI DSS v3.2.1 do not affect the Payment Application Data Security Standard (PA-DSS), which will remain at v3.2.
PCI DSS v3.2.1 and a summary of changes from v3.2 to v3.2.1 are available now in the Document Library on the PCI SSC website. Updated versions of the Migrating from SSL and Early TLS Information Supplement, Self-Assessment Questionnaires (SAQ) and SAQ Instructions and Guidelines will be published shortly to support PCI DSS v3.2.1.
For more information, read PCI Perspectives blog Q&A with Chief Technology Officer Troy Leach: PCI DSS Now and Looking Ahead.
About the PCI Security Standards Council
The PCI Security Standards Council (PCI SSC) leads a global, cross-industry effort to increase payment security by providing industry-driven, flexible and effective data security standards and programs that help businesses detect, mitigate and prevent cyberattacks and breaches. Connect with the PCI SSC on LinkedIn. Join the conversation on Twitter @PCISSC. Subscribe to the PCI Perspectives Blog.
PCI Security Standards Council
Mark Meissner, +1-202-744-8557
For more than 50 years, Business Wire has been the global leader in press release distribution and regulatory disclosure.
Tilaa tiedotteet sähköpostiisi
Haluatko tietää asioista ensimmäisten joukossa? Kun tilaat mediatiedotteemme, saat ne sähköpostiisi välittömästi julkaisuhetkellä. Tilauksen voit halutessasi perua milloin tahansa.
Lue lisää julkaisijalta Business Wire
Abu Dhabi to Host Interfaith Alliance For Safer Communities: Child Dignity in the Digital World Forum on 19 November17.11.2018 16:40 | Tiedote
Held under the patronage of His Highness Sheikh Mohammed bin Zayed Al Nahyan, Crown Prince of Abu Dhabi and Deputy Supreme Commander of the UAE Armed Forces, the UAE will host the first edition of the Interfaith Alliance For Safer Communities Forum on November 19-20 in recognition of the country’s leading role in promoting tolerance and interfaith dialogue. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20181117005008/en/ His Highness Sheikh Mohammed bin Zayed Al Nahyan, Crown Prince of Abu Dhabi and Deputy Supreme Commander of the UAE Armed Forces (Photo: AETOSWire) The forum will host 450 guests including religious leaders, NGOs and heads of industry to discuss ongoing social challenges and develop comprehensive solutions for protecting youth from cybercrime. The Interfaith Alliance For Safer Communities Forum is an expansion of the Child Dignity in the Digital World Congress which was held in October 2017 in the Vatican, an
Philip Morris International and Dorna Switch Gears in Quest for a World without Tobacco Smoke17.11.2018 14:00 | Tiedote
Philip Morris International Inc. (PMI) (NYSE:PM) and Dorna Sports S.L., the commercial rights holder for the world FIM MotoGP Championships, have extended their partnership until the end of 2021. The two organizations have collaborated successfully for 26 years. As of 2019, the partnership will focus on advancing the cause of a smoke-free world. More than 1 billion people smoke today and, according to the World Health Organization, will continue to smoke in the near future. PMI has committed to transform its business and encourage all men and women who would otherwise continue smoking to replace cigarettes with better alternatives as soon as possible. With around 350 million MotoGP fans worldwide, MotoGP can play a significant role in positively impacting the lives of people who smoke and those around them. “The best choice for consumers concerned about the health risks of smoking is to quit tobacco and nicotine altogether. Today, however, technology, science and innovation provide a r
Schlumberger Announces Fourth-Quarter and Full-Year 2018 Results Conference Call16.11.2018 21:00 | Tiedote
Schlumberger Limited (NYSE:SLB) will hold a conference call on January 18, 2019 to discuss the results for the fourth quarter and full year ending December 31, 2018. The conference call is scheduled to begin at 8:30 am US Eastern time and a press release regarding the results will be issued at 7:00 am US Eastern time. To access the conference call, listeners should contact the Conference Call Operator at +1 (800) 288-8967 within North America or +1 (612) 333-4911 outside of North America approximately 10 minutes prior to the start of the call, and ask for the “Schlumberger Earnings Conference Call.” A webcast of the conference call will be broadcast simultaneously at www.slb.com/irwebcast on a listen-only basis. Listeners should log in 15 minutes prior to the start of the call to test their browsers and register for the webcast. Following the end of the conference call, a replay will be available at www.slb.com/irwebcast until February 18, 2019, and can be accessed by dialing +1 (800)
Visa Strengthens Commitment to Growing Digital Payments in India16.11.2018 17:33 | Tiedote
Visa (NYSE: V) today announced a minority investment in BillDesk, a leading platform for online payments and bill payments in India. Visa’s investment and collaboration will help BillDesk develop new product lines for its payments and loyalty businesses and also expand its footprint into other geographies. The investment will be subject to necessary statutory approvals and is expected to have no direct bearing on Visa’s existing Indian business. “As a leading payments player in India, BillDesk has been a long time business partner to Visa. Having worked with BillDesk’s founders over the years, the Visa leadership has been consistently impressed with their vision, market knowledge and execution capabilities, as well as alignment on values. This investment further reinforces our long-term commitment to India’s digital payments growth story,” said Asia Pacific regional president, Chris Clark. “We are truly excited by this investment from the world's largest global payment network, Visa. W
Guidewire Enhances PartnerConnect Consulting Program with Addition of Product and Regional Specializations16.11.2018 16:55 | Tiedote
Guidewire Software, Inc. (NYSE: GWRE), provider of the industry platform Property and Casualty (P&C) insurers rely upon, today announced the addition of specializations to its PartnerConnect Consulting program. Specializations have been added to aid insurance companies in selecting the best partner to lead or staff their Guidewire projects. Guidewire unveiled new specializations, including two which have been successfully piloted earlier this year. “Our customers will now have more clarity and information as to which partners have the proven capabilities in their chosen product and region,” said Lisa Walsh, vice president, Alliances, Guidewire Software. “Adding these specializations will also allow us to have more insight into a partner’s performance and competencies.” To earn a specialization, partners need to demonstrate skills, knowledge, and competency in a specific Guidewire product or solution by certifying staff at multiple levels (specialist and professional) through Guidewire’
Janssen receives positive CHMP opinion for ERLEADA™ (apalutamide) for patients with non-metastatic castration-resistant prostate cancer who are at high risk of developing metastatic disease16.11.2018 16:15 | Tiedote
The Janssen Pharmaceutical Companies of Johnson & Johnson today announced that the Committee for Medicinal Products for Human Use (CHMP) of the European Medicines Agency (EMA) has issued a positive opinion for apalutamide, a next generation oral androgen receptor inhibitor for the treatment of adult patients with non-metastatic castration-resistant prostate cancer (nmCRPC) who are at high risk of developing metastatic disease.2 The CHMP’s positive opinion will now be reviewed by the European Commission (EC), which has the authority to grant approval for the use of apalutamide. The CHMP’s positive opinion is based on data from the pivotal SPARTAN Phase 3 clinical study which assessed the safety and efficacy of apalutamide versus placebo in patients with nmCRPC who have a rapidly rising prostate specific antigen (PSA) level despite receiving continuous androgen deprivation therapy (ADT). The SPARTAN clinical study showed that apalutamide, when added to ADT, significantly reduced the risk
Uutishuoneessa voit lukea tiedotteitamme ja muuta julkaisemaamme materiaalia. Löydät sieltä niin yhteyshenkilöidemme tiedot kuin vapaasti julkaistavissa olevia kuvia ja videoita. Uutishuoneessa voit nähdä myös sosiaalisen median sisältöjä. Kaikki STT Infossa julkaistu materiaali on vapaasti median käytettävissä.Tutustu uutishuoneeseemme