PCI Security Standards Council Publishes Minor Revision to PCI Data Security Standard
Today the PCI Security Standards Council (PCI SSC) published a minor revision to the PCI Data Security Standard (PCI DSS), which businesses around the world use to safeguard payment card data before, during and after a purchase is made. PCI DSS version 3.2.1 replaces version 3.2 to account for effective dates and Secure Socket Layer (SSL)/early Transport Layer Security (TLS) migration deadlines that have passed. No new requirements are added in PCI DSS v3.2.1. PCI DSS v3.2 remains valid through 31 December 2018 and will be retired as of 1 January 2019.
“This update is designed to eliminate any confusion around effective dates for PCI DSS requirements introduced in v3.2, as well as the migration dates for SSL/early TLS,” said PCI SSC Chief Technology Officer Troy Leach. “It is critically important that organizations disable SSL/early TLS and upgrade to a secure alternative to safeguard their payment data.”
The minor changes in PCI DSS v3.2.1 reflect how existing requirements are affected once the effective dates and SSL/TLS migration deadlines have passed so that organizations can accurately report how their implementations meet these existing requirements after 30 June. Specifically, the changes include:
- Removal of notes referring to an effective date of 1 February 2018 for applicable requirements, as this date has passed.
- Updates to applicable requirements and Appendix A2 to reflect that only POS POI (point of sale point of interaction) terminals and their service provider connection points may continue using SSL/early TLS as a security control after 30 June 2018.
- Removal of multi-factor authentication (MFA) from the compensating control example in Appendix B, as MFA is now required for all non-console administrative access; addition of one-time passwords as an alternative potential control for this scenario.
The updates in PCI DSS v3.2.1 do not affect the Payment Application Data Security Standard (PA-DSS), which will remain at v3.2.
PCI DSS v3.2.1 and a summary of changes from v3.2 to v3.2.1 are available now in the Document Library on the PCI SSC website. Updated versions of the Migrating from SSL and Early TLS Information Supplement, Self-Assessment Questionnaires (SAQ) and SAQ Instructions and Guidelines will be published shortly to support PCI DSS v3.2.1.
For more information, read PCI Perspectives blog Q&A with Chief Technology Officer Troy Leach: PCI DSS Now and Looking Ahead.
About the PCI Security Standards Council
The PCI Security Standards Council (PCI SSC) leads a global, cross-industry effort to increase payment security by providing industry-driven, flexible and effective data security standards and programs that help businesses detect, mitigate and prevent cyberattacks and breaches. Connect with the PCI SSC on LinkedIn. Join the conversation on Twitter @PCISSC. Subscribe to the PCI Perspectives Blog.
PCI Security Standards Council
Mark Meissner, +1-202-744-8557
Om Business Wire
(c) 2018 Business Wire, Inc., All rights reserved.
Business Wire, a Berkshire Hathaway company, is the global leader in multiplatform press release distribution.
Følg saker fra Business Wire
Registrer deg med din epostadresse under for å få de nyeste sakene fra Business Wire på epost fortløpende. Du kan melde deg av når som helst.
Siste saker fra Business Wire
Ultra-Low Power Lattice sensAI Leads Mass Market Enablement of Artificial Intelligence in Edge Devices21.5.2018 12:00 | Pressemelding
Lattice Semiconductor Corporation (NASDAQ: LSCC) today unveiled Lattice sensAI™ – a complete technology stack combining modular hardware kits, neural network IP cores, software tools, reference designs and custom design services – to accelerate integration of machine learning inferencing into broad market IoT applications. With solutions optimized for ultra-low power consumption (under 1 mW–1 W), small package size (5.5 mm2 –100 mm2), interface flexibility (MIPI® CSI-2, LVDS, GigE, etc.), and high-volume pricing (~$1-$10 USD), Lattice sensAI stack fast-tracks implementation of edge computing close to the source of data. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20180521005011/en/ (Graphic: Business Wire) “Lattice sensAI addresses the unmet need for flexible, low cost, ultra-low power AI silicon solutions suited for rapid deployment across a wide range of emerging, mass market IoT applications,” said Deepak Boppana, senior
NioCorp Awards Contract to Rockwell Automation on Groundbreaking Critical Minerals, Mining and Processing Facility in Nebraska21.5.2018 12:00 | Pressemelding
NioCorp Developments Ltd. (TSX: NB, OTCQX: NIOBF), a developer of superalloy metals, has awarded a major contract to Rockwell Automation (NYSE: ROK) to engineer, design and procure process automation and instrumentation for NioCorp’s proposed critical minerals, mining and processing facility in Elk Creek, Nebraska. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20180521005228/en/ Three superalloy metals – niobium, scandium and titanium – are expected to be produced by the facility as early as 2021. These critical materials are used in the aerospace, defense, automotive, clean energy, commercial aviation and mega-infrastructure sectors. Generally, these superalloys enable increased strength and lighter weight in transportation and other systems, leading to better fuel efficiency and lower greenhouse gas and other air emissions, according to NioCorp. “We selected Rockwell Automation and its partners to automate our process equip
Biosimilars could facilitate early access to life changing biological treatments for patients says Celltrion Healthcare21.5.2018 11:27 | Pressemelding
At the International Society for Pharmacoeconomics and Outcomes Research (ISPOR) 23rd Annual International Meeting in Baltimore, Celltrion Healthcare today advocated for healthcare systems to introduce biologics earlier in a patient’s treatment regimen in order to improve clinical outcomes. Several studies show that the early introduction of biologics can bring greater clinical benefit to patients.1,2,3,4,5,6 However, only a limited number of patients have access to biological treatment due to the high-cost of biologics and current reimbursement policies determined by pharmacoeconomic evaluations. Since the introduction of biosimilars, the overall cost of biological treatments has reduced in Europe, allowing an increased number of patients to access this important treatment option earlier in their course of treatment.7 Professor Jørgen Jahnsen said, “For the treatment of inflammatory bowel disease, biological treatments are proven to be the most efficacious medical therapy and their ea
Dole’s Joint Venture Recycling Company Celebrates 25 Years21.5.2018 11:00 | Pressemelding
Dole Food Company announced today that Recyplast S.A., an innovative plastic recycling company based in Costa Rica and with joint ownership including a subsidiary of Dole Fresh Fruit, recently surpassed 25 years in its mission to dramatically reduce and reuse agricultural waste. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20180521005160/en/ Raul Martinez (right), General Manager of Dole Standard Fruit de Costa Rica, receives a plaque from Jose Miguel Ramirez, General Manager of Recyplast, in recognition of the contribution of Dole's banana plantations in the correct handling, storage, and provision of field plastic waste. The plastic recycling facility pioneered the collection of field plastics after use in banana growing operations in Costa Rica. This reuse and recycling process includes reclamation of plastic bags that protect bananas from weather and insects, as well as the collection of plastic twine used to prop the ba
ViiV Healthcare Receives EU Marketing Authorisation for Juluca (dolutegravir/rilpivirine), the First 2-Drug Regimen, Once-Daily, Single-Pill for the Treatment of HIV21.5.2018 10:11 | Pressemelding
ViiV Healthcare, the global specialist HIV company, majority owned by GlaxoSmithKline, with Pfizer Inc. and Shionogi Limited as shareholders, today announced that the European Commission has granted marketing authorisation for Juluca (dolutegravir 50mg/rilpivirine 25mg) for the treatment of human immunodeficiency virus type 1 (HIV-1) infection in adults who are virologically suppressed (HIV-1 RNA <50 copies/mL) on a stable antiretroviral regimen for at least six months with no history of virological failure and no known or suspected resistance to any non-nucleoside reverse transcriptase inhibitor or integrase inhibitor.1 Juluca is a 2-drug regimen of dolutegravir (ViiV Healthcare), the most widely prescribed integrase inhibitor worldwide,2 and rilpivirine (Janssen Sciences Ireland UC, part of the Janssen Pharmaceutical Companies of Johnson & Johnson).1 Deborah Waterhouse, CEO ViiV Healthcare said, “The European Commission Decision for Juluca is very positive news for people living with
Janssen Announces European Commission Approval of JULUCA®▼ (dolutegravir/rilpivirine), the First Two-Drug Regimen, Once-Daily, Single-Pill for the Treatment of HIV-121.5.2018 10:06 | Pressemelding
The Janssen Pharmaceutical Companies of Johnson & Johnson today announced that the European Commission has granted marketing authorisation for JULUCA® (dolutegravir 50mg [ViiV Healthcare]/rilpivirine 25mg [Janssen Sciences Ireland UC]).1 ViiV Healthcare, as the marketing authorisation holder, will market dolutegravir/rilpivirine in all countries in the European Union and European Economic Area. Dolutegravir/rilpivirine is the first two-drug regimen, once-daily, single-pill for the treatment of human immunodeficiency virus type 1 (HIV-1) infection in adults who are virologically suppressed (HIV-1 RNA <50 c/mL) on a stable antiretroviral regimen for at least six months with no history of virological failure and no known or suspected resistance to any non-nucleoside reverse transcriptase inhibitor (NNRTI) or integrase inhibitor (INI).1 “The European Commission Decision for dolutegravir/rilpivirine marks a significant milestone in our 25-year commitment to make HIV history,” said Brian Woo