Confessions of a QSA: PCI DSS Version 4.0

October 12, 2022
Sonia Gossai

In March of 2022, the Security Standards Council released version 4.0 of its Payment Card Industry Data Security Standard (PCI DSS). Weaver’s IT Advisory Services’ Kyle Morris, Senior Manager, and Brittany George, Partner, spoke to Tyler Kern about the new standard and what people need to know on this episode of the show.

PCI DSS 4.0 applies to entities that store, process, and transmit cardholder data or that could affect the security of cardholder data. Kyle said this includes merchants who sell goods and services and get paid with a credit or debit card, like a Visa or Mastercard, as well as service providers and other entities that support these merchants. “So, that can affect many different types of organizations.”

Version 4.0 came out this past March, but the new standards do not take effect until March 31, 2024. This will give merchants and service providers time to prepare for the latest compliance standard. There is also a transitional period, said Kyle. “Entities will have another year on top of 2024, to March 31, 2025, to implement some of the new requirements going into place.”

“You can opt in early for version 4.0,” Brittany said. “It is fine for organizations that are ready to do that. It is actually considered a best practice.”

What are some of the changes in the latest version? “One key difference is the approach to implementing PCI,” Brittany said. “We currently have the defined approach, the traditional method of implementing the requirements as stated. Version 4.0 will introduce the customized approach, which is an alternative way of implementing the requirements.”

This customized approach offers the ability to implement the controls in an advanced way, for example through machine learning. “Organizations, including many of our clients, have been asking for this for years, especially those who have been on the leading edge of technology,” Kyle said.
