Category: News

News from the world of payment security and PCI SSC standards

Triple DES (TDEA) obsolescence and its impact on PCI SSC standards

January 1, 2024 marked a milestone in the history of modern cryptography: The Triple DES algorithm (3DES/TDES or TDEA) was listed as "obsolete" by NIST. This news is part of the efforts of the migration to...

/ March 13, 2024

Reminder PCI PIN: Change the key upload process as of January 1, 2024

According to the PCI PTS PIN Security Requirements − Technical FAQs for use with Version 3, as of January 1, 2024, the process of loading keys in...

/ December 14, 2023

PCI SSC publishes 'Targeted Risk Analysis (TRA) Guidance' for PCI DSS v4.x

In November 2023, the PCI SSC published a new guide to support the activities required in PCI DSS v4.x. On this occasion, it is the PCI DSS v4.x Targeted Risk Analysis Guidance document.

/ November 30, 2023

AWS publishes its PCI DSS v4.0 compliance guide

As part of its efforts to facilitate the implementation of controls of different security standards in its customers' environments, Amazon Web Services (AWS), as a cloud service provider (CSP), published...

/ November 28, 2023

Validity of PCI DSS v3.2.1 compliance reports and assessments

The PCI SSC set 31 March 2024 as the deadline for the withdrawal of PCI DSS version 3.2.1. As of April 1, 2024 the only active and official version of PCI DSS...

/ November 15, 2023

Visa reports that its PIN security programme ended on 1 October 2023

In a decision that has taken the entire payment media ecosystem by surprise, Visa announced that its Visa PIN Security Program ended on October 1, 2023. In a brief statement...

/ October 30, 2023

Important dates

Important dates: October 1, 2023: The Visa PIN program has been withdrawn. January 1, 2024: Change the process of loading keys by components in PCI PIN March 31, 2024: The PCI DSS v3.2.1 standard will be withdrawn and the version...

/ January 24, 2023

The Ultimate Guide to Cryptographic Key Blocks

With the entry into force of the PCI PIN v2.0 standard in 2014, all encrypted symmetric keys (cryptograms) must be handled in structures called key blocks, which allow to protect in a standardized way the integrity of said cryptographic keys.

/ December 14, 2022

CDE General Inventory Template

Many of us have already begun to analyze and even work on the adaptations and new requirements for the transition process from PCI DSS version 3.2.1 to version 4.0. In the eagerness to support the...

/ November 23, 2022

China UnionPay is now part of PCI SSC

From October 2022, the China UnionPay (UP) logo will be present in the PCI SSC standards compliance reports, along with the logos of the five founding entities. China UnionPay (or simply "UnionPay" or...

/ November 2, 2022

Changes in Hispanic PCI

With more than 250 articles published and an average of 10,000 unique visitors per month, PCI Hispano has become a reference in the area of security of means of payment and regulatory compliance in Latin America. However, after that...

/ August 18, 2022