{"id":2983,"date":"2018-01-30T14:46:58","date_gmt":"2018-01-30T19:46:58","guid":{"rendered":"https:\/\/tsisupport.com\/?p=2983"},"modified":"2021-07-07T05:14:09","modified_gmt":"2021-07-07T09:14:09","slug":"new-pci-compliance-standards-deadline-approaching","status":"publish","type":"post","link":"https:\/\/tsisupport.com\/tsistaging\/?p=2983","title":{"rendered":"What Has Changed From PCI DSS 3.1 to PCI DSS 3.2?"},"content":{"rendered":"

The Payment Card Industry Security Standards Council (PCI SSC) published<\/a> a new version of the industry standard that businesses use to safeguard payment data before, during, and after purchase.\u00a0 PCI Data Security Standard (PCI DSS) version 3.2<\/a> replaces previous versions in addressing the growing threats to customer payment information.\u00a0 Any company that accepts, processes, or receives credit card payments should adopt it as soon as possible to prevent, detect, and respond to cyberattacks that lead to potential breaches. We have comprised answers to some of the most common questions about the update below.<\/p>\n

Why is the PCI DSS being updated?<\/strong><\/span><\/p>\n

The council updates the PCI DSS to ensure it continues to protect against old exploits that are still causing problems, addresses new exploits, and provides greater clarity for implementing and maintaining PCI DSS controls.<\/p>\n

What are the types of changes included in PCI DSS 3.2?<\/span> <\/strong><\/p>\n

PCI DSS 3.2 includes additional clarifications to existing requirements, new or evolving requirements, as well as additional guidance.\u00a0 These are outlined in the Summary of Changes from PCI DSS 3.1 to PCI DSS 3.2<\/a>.<\/p>\n

What is new in PCI DSS 3.2?<\/strong><\/span><\/p>\n

Within the 12 core requirements of the PCI DSS, there are five new sub-requirements for service providers affecting requirements 3, 10, 11, and 12.\u00a0 New sub-requirements have also been added to requirement 8 to ensure multi-factor authentication is used for all non-console administrative access as well as cardholder data environments. There are also two new appendices.\u00a0 Appendix A2 incorporates new migration deadlines<\/a> for removal of Secure Sockets Layer (SSL)\/early Transport Layer Security (TLS) in line with the December 2015 bulletin.\u00a0 Appendix A# incorporates the \u201cDesignated Entities Supplemental Validation\u201d (DESV), which was previously a separate document.\u00a0 All the changes are outlined in the Summary of Changes from PCI DSS 3.1 to PCI DSS 3.2<\/a>.<\/p>\n

How are these changes determined?<\/strong><\/span><\/p>\n

The standard update is part of the regular process for ensuring PCI DSS addresses current challenges and threats.\u00a0 This process factors in industry feedback from the PCI Council\u2019s more than 700 global Participating Organizations<\/a>, as well as data breach report findings and changes in payment acceptance.<\/p>\n

How long do organizations have to implement PCI DSS 3.2?<\/strong><\/span><\/p>\n

PCI DSS 3.1 retired on October 31s<\/sup>, 2016, after which all assessments need to use version 3.2. The new requirements introduced in PCI DSS 3.2 are considered best practices until January 31st<\/sup>, 2018.\u00a0 Beginning February 1st<\/sup>, 2018, they are effective as PCI requirements and must be used.<\/p>\n

What supporting documentation is available for compliance with PCI DSS 3.2?<\/strong><\/span><\/p>\n

PCI DSS 3.2 supporting documents include updated Self-Assessment Questionnaires (SAQ), Attestation of Compliance (AOC) forms, Report on Compliance (ROC) templates, Frequently Asked Questions (FAQ) and Glossary.\u00a0 All of these are available in the Documents Library<\/a> on the PCI SSC website.<\/p>\n

Source: <\/strong><\/span>PCI Security Standards 3.2<\/a><\/p>\n

\n\t
\n\t\t\t\t\t\t\t\t
\n\t\t\n
\n\t\t\t
\n\t
\n\t
\n\t\t

\n\t\tConfident with Your IT Strategy?<\/span>\n\t<\/h2>\n\t<\/div>\n<\/div>\n
\n\t
\n\t\t
\n\t

If you found the information in this blog post helpful and you'd like to discuss your business' technology strategy, then we'd be happy to hear from you.<\/p>\n<\/div>\n\t<\/div>\n<\/div>\n

\n\t
\n\t\t
\n\t\t\t\n\t\t\t\t\t\t\tGet in touch with tsi<\/span>\n\t\t\t\t\t<\/a>\n<\/div>\n\t<\/div>\n<\/div>\n<\/div>\n<\/div>\n\t\t\t
\n\t
<\/div>\n<\/div>\n\t<\/div>\n\t\t<\/div>\n\t<\/div>\n<\/div>\n<\/div>
<\/div>\n","protected":false},"excerpt":{"rendered":"

The Payment Card Industry Security Standards Council (PCI SSC) has published a new version of the industry standard that businesses use to safeguard payment data before, during, and after purchase.\u00a0 PCI Data Security Standard (PCI DSS) version 3.2 replaces previous versions in addressing the growing threats to customer payment information.<\/p>\n","protected":false},"author":2,"featured_media":8619,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":"","_links_to":"","_links_to_target":""},"categories":[7],"tags":[110,319,112,344],"acf":[],"yoast_head":"\nPCI DSS 3.2 | New PCI Compliance Deadline Approaches | TSI<\/title>\n<meta name=\"description\" content=\"Discover everything you need to know about the new version of the industry-standard published by the Payment Card Industry Security Standards Council.\" \/>\n<meta name=\"robots\" content=\"noindex, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"PCI DSS 3.2 | New PCI Compliance Deadline Approaches | TSI\" \/>\n<meta property=\"og:description\" content=\"Discover everything you need to know about the new version of the industry-standard published by the Payment Card Industry Security Standards Council.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/tsisupport.com\/tsistaging\/?p=2983\" \/>\n<meta property=\"og:site_name\" content=\"TSI Support\" \/>\n<meta property=\"article:published_time\" content=\"2018-01-30T19:46:58+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2021-07-07T09:14:09+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/tsisupport.com\/tsistaging\/wp-content\/uploads\/2018\/01\/PCI-Credit-Card-Header.fw_-1140x380-1.png\" \/>\n\t<meta property=\"og:image:width\" content=\"1024\" \/>\n\t<meta property=\"og:image:height\" content=\"341\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Roger Murray\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Roger Murray\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/tsisupport.com\/tsistaging\/?p=2983\",\"url\":\"https:\/\/tsisupport.com\/tsistaging\/?p=2983\",\"name\":\"PCI DSS 3.2 | New PCI Compliance Deadline Approaches | TSI\",\"isPartOf\":{\"@id\":\"https:\/\/tsisupport.com\/tsistaging\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/tsisupport.com\/tsistaging\/?p=2983#primaryimage\"},\"image\":{\"@id\":\"https:\/\/tsisupport.com\/tsistaging\/?p=2983#primaryimage\"},\"thumbnailUrl\":\"https:\/\/tsisupport.com\/tsistaging\/wp-content\/uploads\/2018\/01\/PCI-Credit-Card-Header.fw_-1140x380-1.png\",\"datePublished\":\"2018-01-30T19:46:58+00:00\",\"dateModified\":\"2021-07-07T09:14:09+00:00\",\"author\":{\"@id\":\"https:\/\/tsisupport.com\/tsistaging\/#\/schema\/person\/5eed34ada00b62f24100bd841a4f62e9\"},\"description\":\"Discover everything you need to know about the new version of the industry-standard published by the Payment Card Industry Security Standards Council.\",\"breadcrumb\":{\"@id\":\"https:\/\/tsisupport.com\/tsistaging\/?p=2983#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/tsisupport.com\/tsistaging\/?p=2983\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/tsisupport.com\/tsistaging\/?p=2983#primaryimage\",\"url\":\"https:\/\/tsisupport.com\/tsistaging\/wp-content\/uploads\/2018\/01\/PCI-Credit-Card-Header.fw_-1140x380-1.png\",\"contentUrl\":\"https:\/\/tsisupport.com\/tsistaging\/wp-content\/uploads\/2018\/01\/PCI-Credit-Card-Header.fw_-1140x380-1.png\",\"width\":1024,\"height\":341},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/tsisupport.com\/tsistaging\/?p=2983#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/tsisupport.com\/tsistaging\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"What Has Changed From PCI DSS 3.1 to PCI DSS 3.2?\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/tsisupport.com\/tsistaging\/#website\",\"url\":\"https:\/\/tsisupport.com\/tsistaging\/\",\"name\":\"TSI Support\",\"description\":\"TSI - Technical Support International\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/tsisupport.com\/tsistaging\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/tsisupport.com\/tsistaging\/#\/schema\/person\/5eed34ada00b62f24100bd841a4f62e9\",\"name\":\"Roger Murray\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/tsisupport.com\/tsistaging\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/02eb44ce8ff599f733f8d322316f904d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/02eb44ce8ff599f733f8d322316f904d?s=96&d=mm&r=g\",\"caption\":\"Roger Murray\"},\"url\":\"https:\/\/tsisupport.com\/tsistaging\/?author=2\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"PCI DSS 3.2 | New PCI Compliance Deadline Approaches | TSI","description":"Discover everything you need to know about the new version of the industry-standard published by the Payment Card Industry Security Standards Council.","robots":{"index":"noindex","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"og_locale":"en_US","og_type":"article","og_title":"PCI DSS 3.2 | New PCI Compliance Deadline Approaches | TSI","og_description":"Discover everything you need to know about the new version of the industry-standard published by the Payment Card Industry Security Standards Council.","og_url":"https:\/\/tsisupport.com\/tsistaging\/?p=2983","og_site_name":"TSI Support","article_published_time":"2018-01-30T19:46:58+00:00","article_modified_time":"2021-07-07T09:14:09+00:00","og_image":[{"width":1024,"height":341,"url":"https:\/\/tsisupport.com\/tsistaging\/wp-content\/uploads\/2018\/01\/PCI-Credit-Card-Header.fw_-1140x380-1.png","type":"image\/png"}],"author":"Roger Murray","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Roger Murray","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/tsisupport.com\/tsistaging\/?p=2983","url":"https:\/\/tsisupport.com\/tsistaging\/?p=2983","name":"PCI DSS 3.2 | New PCI Compliance Deadline Approaches | TSI","isPartOf":{"@id":"https:\/\/tsisupport.com\/tsistaging\/#website"},"primaryImageOfPage":{"@id":"https:\/\/tsisupport.com\/tsistaging\/?p=2983#primaryimage"},"image":{"@id":"https:\/\/tsisupport.com\/tsistaging\/?p=2983#primaryimage"},"thumbnailUrl":"https:\/\/tsisupport.com\/tsistaging\/wp-content\/uploads\/2018\/01\/PCI-Credit-Card-Header.fw_-1140x380-1.png","datePublished":"2018-01-30T19:46:58+00:00","dateModified":"2021-07-07T09:14:09+00:00","author":{"@id":"https:\/\/tsisupport.com\/tsistaging\/#\/schema\/person\/5eed34ada00b62f24100bd841a4f62e9"},"description":"Discover everything you need to know about the new version of the industry-standard published by the Payment Card Industry Security Standards Council.","breadcrumb":{"@id":"https:\/\/tsisupport.com\/tsistaging\/?p=2983#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/tsisupport.com\/tsistaging\/?p=2983"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/tsisupport.com\/tsistaging\/?p=2983#primaryimage","url":"https:\/\/tsisupport.com\/tsistaging\/wp-content\/uploads\/2018\/01\/PCI-Credit-Card-Header.fw_-1140x380-1.png","contentUrl":"https:\/\/tsisupport.com\/tsistaging\/wp-content\/uploads\/2018\/01\/PCI-Credit-Card-Header.fw_-1140x380-1.png","width":1024,"height":341},{"@type":"BreadcrumbList","@id":"https:\/\/tsisupport.com\/tsistaging\/?p=2983#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/tsisupport.com\/tsistaging\/"},{"@type":"ListItem","position":2,"name":"What Has Changed From PCI DSS 3.1 to PCI DSS 3.2?"}]},{"@type":"WebSite","@id":"https:\/\/tsisupport.com\/tsistaging\/#website","url":"https:\/\/tsisupport.com\/tsistaging\/","name":"TSI Support","description":"TSI - Technical Support International","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/tsisupport.com\/tsistaging\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/tsisupport.com\/tsistaging\/#\/schema\/person\/5eed34ada00b62f24100bd841a4f62e9","name":"Roger Murray","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/tsisupport.com\/tsistaging\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/02eb44ce8ff599f733f8d322316f904d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/02eb44ce8ff599f733f8d322316f904d?s=96&d=mm&r=g","caption":"Roger Murray"},"url":"https:\/\/tsisupport.com\/tsistaging\/?author=2"}]}},"_links":{"self":[{"href":"https:\/\/tsisupport.com\/tsistaging\/index.php?rest_route=\/wp\/v2\/posts\/2983"}],"collection":[{"href":"https:\/\/tsisupport.com\/tsistaging\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/tsisupport.com\/tsistaging\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/tsisupport.com\/tsistaging\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/tsisupport.com\/tsistaging\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=2983"}],"version-history":[{"count":0,"href":"https:\/\/tsisupport.com\/tsistaging\/index.php?rest_route=\/wp\/v2\/posts\/2983\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/tsisupport.com\/tsistaging\/index.php?rest_route=\/wp\/v2\/media\/8619"}],"wp:attachment":[{"href":"https:\/\/tsisupport.com\/tsistaging\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=2983"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/tsisupport.com\/tsistaging\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=2983"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/tsisupport.com\/tsistaging\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=2983"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}