Payment Card Industry Data Security Standard (PCI DSS) 2.0 was released in October 2010. Although there were no major changes to the existing version of the standard (PCI DSS 1.2), some noteworthy developments have taken place.
- The standard is maturing and becoming more stable.
- Further clarity has been provided for key control areas.
- Specific technical changes have been made.
- Emerging technologies have been acknowledged as playing a role in achieving compliance.
PCI is maturing further and becoming more widely adopted across the globe. A three-year life cycle has been introduced, creating even more certainty for those planning PCI DSS compliance activities. The PCI Security Standards Council (Council) consolidated ownership of payment application security (PA DSS) and payment terminal security (PTS) and also established a three-year change life cycle under its governance.