Are You Ready for New PCI DSS Requirements?

A Conexxus Annual Conference session will dig into new requirements due March 31, 2025.

December 30, 2024

Payment Card Industry Data Security Standard (PCI DSS) 4.0 introduced the concept of targeted risk analysis (TRA). There are two types of TRAs that are intended to provide organizations with flexibility in evaluating their risk and determining the security impact of specific requirement controls.

At the Conexxus Annual Conference in January, K3DES, which performs assessments for PCI DSS compliance, will guide attendees through the process of meeting 52 future-dated requirements and TRAs by March 31, 2025, during the “Hitchhikers Guide to PCI DSS 4.0.1 Compliance” session.

Howard Glavin, senior auditor and executive vice president at K3DES LLC, and Jason Schroeder, director at K3DES LLC, will share the impact of the new controls and determine when they must be in place—which is prior to the March 31 deadline.

Glavin and Schroeder will also share guidance on how retailers can meet the new requirements by focusing on:

Web page protection
Client-side browser protection
Scripts and script protection
Structuring an organization’s vulnerability and patching service level agreements

Attendees will have a better understanding of the recommendations for prioritization and manageability to allow for compliance by the deadline.

Catch Up on New PCI DSS 4.0.1 Requirements

NACS published several PCI-specific articles earlier this year related to PCI DSS, which was released 20 years ago. PCI DSS 4.0.1 (which offers clarifications to PCI DSS 4.0 and not new requirements) is the only existing set of PCI guidelines and security standards designed to protect consumer card data and reduce merchants’ exposure and risk of fraud and data breaches.

How Retailer-Supplier Partnerships Help Enable PCI Compliance (August 28, 2024)
Are You Both PCI Compliant and Cyber Secure? (September 06, 2024)
PCI, EMV and Chargebacks (September 20, 2024)

Register for the Conexxus Annual Conference

The 2025 Conexxus Annual Conference takes place January 26-30 in Tucson, Arizona. This is the most comprehensive event of the year that brings together convenience industry stakeholders who are passionate about innovation and technology.

Themed “Forecasting the Retail Journey,” keynote and education sessions, working group and committee meetings, and networking opportunities will help convenience retailers identify what’s next for retail technology and their business.