Ensuring PCI DSS v4.0 Compliance for Data Security and Integrity In a Shifting Payment Landscape
Regions: US, Canada, AP, CEMEA, EU, LAC
6 March 2023
Visa is reminding all payment ecosystem entities that they should employ strict monitoring of all network traffic and firewall traffic that may facilitate payment data or other processes, and that payment data should only traverse approved systems or protocols. Visa is reinforcing the recently published Payment Card Industry Data Security Standard (PCI DSS) v4.0 to ensure that all payment participants are implementing security controls against potential vulnerabilities, weaknesses and threat vectors that can be exploited by cyber threats. Visa is committed to ensuring card data security as the landscape evolves and new innovations are brought to market.
The PCI DSS is an industry standard that provides a baseline of technical and operational requirements designed to protect payment card account data. An entity must be compliant with all PCI DSS requirements to protect Visa cardholder data. Any PCI DSS requirements that are not in place can cause or contribute to an entity losing payment data through unauthorized access. Published in March 2022, PCI DSS v4.0 addresses emerging threats and technologies and enables innovative methods to combat these new threats. Adherence to PCI DSS v4.0 helps ensure an entity promotes data security as a continuous process and protects their payment card environment from evolving threats. For more information, refer to the resources below.
Additional resources: