KUBRA Champions Data Safety With PCI 4.0 Compliance Adoption
March 1, 2024
KUBRA is excited to announce that we have achieved compliance with the Payment Card Industry Data Security Standard (PCI DSS) version 4.0. The current iteration, PCI DSS v3.2. 1, will be retired on March 31, 2024. KUBRA is among a handful of organizations that have proactively implemented the new requirements ahead of the March 31, 2025, deadline. This accomplishment reflects our unwavering commitment to safeguarding our clients' sensitive payment card information.
What Is PCI DSS?
PCI Security Standards are technical and operational requirements set by the PCI Security Standards Council (PCI SSC) to protect cardholder data. The standards apply to all organizations that store, process, or transmit cardholder data and include specific obligations for software developers and manufacturers of applications and devices used in those transactions. It covers technical and operational system components included in or connected to cardholder data.
What Are the Primary Differences Between PCI DSS 3.2. 1 and 4.0
PCI DSS v4.0 aims to meet four key objectives:
- Continuing to meet the needs of the payment industry
- Promoting security as a continuous process
- Adding flexibility and additional methods to maintain payment security
- Enhancing payment validation methods and procedures
It aims to achieve these objectives by emphasizing security outcomes while allowing businesses more flexibility in choosing the best security technologies and approaches for their environment. In addition, there have been significant improvements to requirements in PCI DSS 4.0, including:
- Additional authentication controls, including strict multi-factor authentication requirements when accessing the cardholder data environment
- Updated password requirements, including increasing password length requirement from 8 characters to 12
- Changing requirements around shared, group, and generic accounts
- Clearly defined roles and responsibilities needed for each requirement
These new requirements have been implemented to prevent and detect new and ongoing threats against the payment industry, including phishing, e-commerce, and e-skimming attacks.
What It Means for Our Clients
At KUBRA, we're serious about data security. That's why we're proud to meet the stringent PCI 4.0 standards—it's just part of our commitment to keeping our clients' data as safe as possible. Sticking to these strict guidelines means our clients can feel confident that their payment information is in good hands in our increasingly digital world.
Request Demo