The PCI SSC covers 15 different PCI security standards and specifies where they apply to the payment process. For the topic of PCI DSS 4.0 pillar 2 and 4 stand out specifically as a driving factor for this new standard and its requirements. All organizations that are covered by PCI DSS 4.0 must comply with the new standards by March 31, 2024. A new addition to the standard as compared to the 3.x one is the inclusion of APIs. (The changes between v3.2.1 and 4.0 are outlined in this white paper.
The rest of this whitepaper covers the implications of the PCI DSS 4.0 standard on the usage of APIs and how Noname Security addresses these specifically.
