The PCI Security Standards Council (SSC) published version 3.2 of the Payment Card Industry Data Security Standard (PCI DSS) in April 2016. It replaced version 3.1 of the Standard, which was retired on 31 October 2016. Version 3.21 superseded version 3.2 in January 2019
Version 3.2.1 sets new requirements for encryption, building on the clarifications and new requirements established in version 3.2 to ensure that the Standard is up to date with emerging threats and changes in the market.
This green paper is aimed at those implementing PCI DSS v3.2.1 and those conducting audits to ensure an organisation is compliant. It provides some background around the issues, and explains how encryption is incorporated into the Standard and how it can be audited.
- What strong cryptography means
- Explanation of the changes related to SSL and TSL
- The specific encryption requirements in PCI DSS v3.2.1
- How to determine the encryption strength
- How to do additional testing for compliance purposes
Download this free green paper today to discover how to meet the encryption requirements of PCI DSS v3.2.1