Oct 01 2008
Version 1.2 of the Payment Card Industry Data Security Standards (PCI-DSS or just PCI) came out today. So of course, I’m on the road working with clients all day. I’ve looked over the pre-release change form, the pre-release version of the 1.2 standards, but of course I’m unable to look at the full release version let out today. Luckily I’ve got friends like Michael Dahn and the folks over at the Aegenis Group have given us a full rundown of the changes.
There doesn’t appear to be any changes between the change update from last month, but there may have been one or two minor wording changes. In fact, most of the changes appear to be fairly minor over all. The only thing that’s a little concerning about 1.2 is that it’s taking effect immediately and sunsetting the 1.1 version of the as of the end of the year. If you’ve got something that doesn’t quite meet with the new requirements, you’ve only got a few months to try to update and upgrade to catch up.