In March 2022, the Payment Card Industry Data Security Standard (PCI DSS) was updated with a number of new and modified requirements. Since their last update in 2018, there has been a rapid increase in the use of cloud technologies, contactless payments have become the norm, and the COVID-19 pandemic spurred a massive growth in e-commerce and online payments. At the same time, cybercriminals have adopted increasingly sophisticated methods, capitalizing on global instability to compromise individuals and organizations alike.
These ongoing shifts have made online payments and the digital infrastructure around them an important target, prompting the latest update in PCI DSS requirements. According to the PCI Security Standards Council, the overarching goals of the updates are to continue to meet the security needs of the payment industry, promote security as a continuous and evolving process, add flexibility for different security methodologies, and enhance validation methods.