PCI DSS v4.0: What You Need to Know and What the End of v3.2.1 Means for the Future of Digital Payments
Description

On March 31st, 2024, the Payments Card Industry Standards Security Council (PCI SSC) officially retired version 3.2.1 of the PCI Data Security Standard (PCI DSS) with the publication of its new sets of protocols and security standards for v4.0. With the continued rise in cyber threats against financial services and institutions, PCI DSS v4.0 supersedes version 3.2.1 to tackle evolving threats and technologies, facilitating enhanced approaches to counteract emerging types of cyber attacks.

“The industry has had unprecedented visibility into, and impact on, the development of PCI DSS v4.0. Our stakeholders provided substantial, insightful, and diverse input that helped the Council effectively advance the development of this version of the PCI Data Security Standard.” Lance Johnson, Executive Director, PCI SSC.

Revisions to the standard were influenced by feedback from the worldwide payments industry. Over a three-year period, over 200 organizations contributed more than 6,000 pieces of feedback to ensure the standard remains aligned with the intricate and evolving landscape of payment security.

What Changes Are Coming with PCI DSS v4.0?

Version 4.0 increases the total number of PCI DSS requirements that organizations must comply with from 370 to more than 500! In 2023, API requests constituted over 71% of internet traffic, highlighting their significant role in luring potential attackers. Findings reveal that nearly half (46%) of all Account Takeover (ATO) attacks target API…
