hello world!
Published: March 15, 2019

PCI DSS 3.2 Update Summary

Categories: ,
Tablet of Contents

As they do every so often the PCI standards have been updated. For most businesses, things will continue to be business as usual. However, the updating of the standards is always a good time to evaluate your compliance status with PCI and make sure that your company is adequately protecting cardholder data.

The 3 main points of the update are:
1. Updating the term "Two-Factor Authentication" to "Multi-Factor Authentication"
Most payment environments already use Two-Factor Authentication, meaning in addition to a password they will have security questions such as "What is your Mother's Maiden Name?", "What was the name of your high school?", etc. Other "factors" can include key cards, fingerprints, etc.

2. Only when instructed, some merchants may have additional reporting requirements
Most merchants will be unaffected. But when required by a card brand or acquirer, merchants may be required to provide additional information in accordance with PCI DSS Supplemental Designated Entities Validation (DESV). The document is available to download on this page.
This is likely to only be required for merchants that are seen as "high risk"

3. New requirements for service providers
Service providers are required to test system security more frequently, including mandatory penetration testing every 6 months, and quarterly reviews of internal policies and procedures.

While your organization may be doing everything it can to ensure cardholder data is secure, it is important to ensure that any 3rd party vendors are current with their PCI DSS compliance.

If you have any questions please feel free to contact us by emailing info@agapay.gives.
Best Regards,
The Agapay Team

AGAPAY - Transactions that give

Agapay was founded on the idea that payment processing should be ethical and give back to the community. In pricing, structure and service, we will always do our best to give the most value and maximize service.
Agapay is a Registered Partner/ISO of Elavon, Inc. Georgia [a wholly owned subsidiary of U.S. Bancorp, Minneapolis, MN]
linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram