PCI Data Security Standard (DSS) V4.0 Considerations

Expand

Collapse

Advanced SearchOpens new dialog

Enter plus (+) or minus (-) signs in search terms to make a word required or excluded
Search Tips

Search terms

Screen Reader users press enter to select a Filter by product. Filter by product

Screen Reader users press enter to select a Filter by category. Filter by category

Sort by Direction

Answer ID 12661 | Last Review Date 07/17/2023

What PCI DSS V4.0 changes impact my environment?

Environment:

PCI pods (Includes US Federal Government pods)

Resolution:

In March of 2022 the PCI Data Security Council released the new PCI Data Security Standard (DSS) V4.0. As expected from a major revision (from 3.2.1 to 4.0), there are several new and updated requirements. While the Council allowed for a transition period, where both versions are active, these new requirements have some extra time to phase in.

With Oracle’s overall regard for high security standards, B2C Service had very little to address. However, some changes highlighted that since B2C Service does not offer a payment processing feature, storing or intentionally collecting personal account numbers (PAN) was not an activity most of our PCI customers were requiring. Therefore, we created a new type of field for specifically capturing PAN. This feature was released in 22C and will become the sole place a customer can contractually store PAN upon renewal after March 2023.

Information on how to implement this feature can be found in the Overview of Custom Attribute Encryption in the Administering the Agent Browser User Interface guide.

Assistance on finding PAN in your site along with removing or moving this data, can be provided by reaching out to your Technical Account Manager (TAM).

Loading...

Login

What PCI DSS V4.0 changes impact my environment?

Was this answer helpful?

Still have questions?

Related Answers

Login