As a reminder, the Payment Card Industry Data Security Standards (PCI DSS) apply to all entities that store, process, or transmit cardholder data. As a Heartland merchant, you have automatically been enrolled in Heartland’s new Merchant Protection Program with ControlScan. This program, with the support of ControlScan’s services, will provide the resources to baseline security standards and maintain compliance validation to the PCI DSS, as required by the card brands.
The following key updates and milestones are being provided to help you with your PCI DSS and payment security efforts:
PCI DSS 3.2—The Effective Date has Come and Gone
February 1, 2018 marked the date that all new requirements introduced in PCI DSS v3.2 must be adopted by organizations and included in their PCI DSS assessments.
For all organizations:
The Payment Card Industry Security Standards Council (PCI SSC) has published a new version of the industry standard that businesses use to safeguard payment data before, during, and after purchase. PCI Data Security Standard (PCI DSS) 3.2 replaces 3.1 to address growing threats to customer payment information. Companies that accept, process or receive payments should adopt it as soon as possible to prevent, detect and respond to cyberattacks that can lead to breaches.