The PCI Security Standards Council (PCI SSC) has developed multiple security standards that define specific security requirements oriented towards the protection of each of the areas related to the security of payment card data, from its printing in plastic through its capture and authentication in face-to-face and non-face payment channels, to the security of the devices responsible for providing cryptographic routines for the protection of the associated data. These standards can be evaluated by companies Qualified Security Assessor Companies (QSAC) or by approved laboratories.

To facilitate the understanding and relationships between each of the standards, at PCI Hispano we have created the following infographic where all currently active standards are listed, their versions, their publication date and the entity that carries out their evaluation (click on the image to enlarge it):

The PDF version (high definition) with links to PCI SSC descriptions can be downloaded here (updated January 2026):

pdf

1

For recommendations, suggestions and / or errata you can leave us a comment in the post.

Posted by David Acosta

Qualified Security Assessor (QSA) for PCI DSS, PCI PIN, PCI 3DS, P2PE and PCI TSP. CISSP, CISA, CISM, CRISC, C|EH, C|HFI.

All Posts Website

One Comment

  1. Renê July 2, 2024 at 4:09 pm

    Thank you for the material.

    Note: It seems to me that the dates of S3 and SLC were changed.

    Reply

Leave to Reply