Assessments

PCI DSS compliance dates are fast approaching, and we are a little more than a year away from the SAQ A iFrame changes that many merchants and service providers will need to deal with. iFrames used to be the primary escape hatch that companies would use to avoid bringing vast parts of their websites into scope for PCI DSS, but this has now changed.

In our example, let’s assume the parent site is store.com, and...

It’s that time of the year (or at least it was) when we earnestly weigh pushing tasks to next year, with a focus on what might be coming across our task lists. And perhaps you are looking at that PCI DSS 4.0 gap assessment as something to get done prior to 2024 budgeting season.

Early in the year might be the best time to do this gap assessment. If your QSA or consulting firm is...