The publication of a new, fundamentally revised version of the payment transaction standard PCI DSS has been announced since 2019. We are eagerly awaiting the changes that the new version will bring.
After PCI DSS v4.0 had already undergone two RFC phases in 2019 and 2020, the PCI Security Standards Council has now decided to also initiate an RFC phase for supporting documents, in particular for
- the template for the Report on Compliance (ROC),
- the template for the Attestation of Compliance (AOC), and
- the self-assessment questionnaires (SAQs)
in June 2021. However, this will also delay the publication of PCI DSS v4.0.
Instead of the announced release period in Q2 2021, the aimed period of finalization is now Q4 2021. The actual release date has not yet been specified.
We must therefore be patient a little longer before we can properly plan the migration. With the shift of the publication date, the planned transition periods from PCI DSS v3.2.1 to v4.0 have also been postponed. We are therefore also postponing our PCI DSS v4.0 webinars to 2022.