PCI-DSS
standard
PCI DSS is an information security standard for organizations that handle branded credit cards from the major card schemes.
| Release | Released | Acceptance |
|---|---|---|
| 4.0.1 | 5 months ago (11 Jun 2024) |
Yes |
| 4.0 | 2 years and 7 months ago (31 Mar 2022) |
Ends
in 1 month and 1 week (31 Dec 2024)
|
| 3.2.1 | 6 years ago (01 May 2018) |
Ended
7 months and 3 weeks ago (31 Mar 2024)
|
| 3.2 | 8 years ago (01 Apr 2016) |
Ended
5 years and 10 months ago (31 Dec 2018)
|
| 3.1 | 9 years ago (01 Apr 2015) |
Ended
8 years ago (31 Oct 2016)
|
The period for which an entity’s PCI DSS assessment result is valid does not change if the standard against which the entity was assessed has been retired1.
- Future-dated new requirements introduced in v4.0 will become effective on 31st March 2025.
- PCI DSS v3.2.1 was retired on 31st March 2024. Changes from v3.2.1 to v4 are documented in the Summary of Changes
- PCI DSS v3.2 remained valid till 31 December 2018 and was retired on 1 January 2019.
- PCI DSS v3.1 retired on 31 October 2016. The new requirements introduced in PCI DSS v3.2 were considered best practices until 31 January 2018. Starting 1 February 2018 they are effective as requirements and must be used.
-
https://www.pcisecuritystandards.org/faq/articles/Frequently_Asked_Question/Does-an-entity-s-PCI-DSS-assessment-result-expire-when-the-standard-against-which-the-entity-was-assessed-is-retired/ ↩
More information is available on the PCI-DSS website.
You can submit an improvement to this page
on GitHub
.
This page has a corresponding Talk Page.
A JSON version of this page is available at /api/pci-dss.json. See the API Documentation for more information. You can subscribe to the iCalendar feed at /calendar/pci-dss.ics.