PCI-DSS
standard
PCI DSS is an information security standard for organizations that handle branded credit cards from the major card schemes.
| Release | Released | Acceptance |
|---|---|---|
| 4.0.1 | 1 year and 4 months ago (11 Jun 2024) |
Yes |
| 4.0 | 3 years and 7 months ago (31 Mar 2022) |
Ended
10 months ago (31 Dec 2024)
|
| 3.2.1 | 7 years ago (01 May 2018) |
Ended
1 year and 7 months ago (31 Mar 2024)
|
| 3.2 | 9 years ago (01 Apr 2016) |
Ended
6 years and 10 months ago (31 Dec 2018)
|
| 3.1 | 10 years ago (01 Apr 2015) |
Ended
9 years ago (31 Oct 2016)
|
The period for which an entity’s PCI DSS assessment result is valid does not change if the standard against which the entity was assessed has been retired1.
- Future-dated new requirements introduced in v4.0 will become effective on 31st March 2025.
- PCI DSS v3.2.1 was retired on 31st March 2024. Changes from v3.2.1 to v4 are documented in the Summary of Changes
- PCI DSS v3.2 remained valid till 31 December 2018 and was retired on 1 January 2019.
- PCI DSS v3.1 retired on 31 October 2016. The new requirements introduced in PCI DSS v3.2 were considered best practices until 31 January 2018. Starting 1 February 2018 they are effective as requirements and must be used.
More information is available on the PCI-DSS website.
You can submit an improvement to this page
on GitHub
.
This page has a corresponding Talk Page.
A JSON version of this page is available at /api/v1/products/pci-dss/. See the API Documentation for more information. You can subscribe to the iCalendar feed at /calendar/pci-dss.ics.