In the first half of 2024, £571 million was lost to card payment fraud in the UK alone, much of it driven by scams on social media. Fraud has clearly evolved, adopting more modern and sophisticated tactics.
In payments, one standard that governs how card data is protected, namely how it is stored, processed, and transmitted, is PCI DSS.
The Payment Card Industry Data Security Standard was created in 2004 and has been the backbone of payment security for nearly 20 years. This year marks a big shift. Its latest version, PCI DSS v4.0, will become mandatory in March 2025. This is the first major update in over a decade, so it is worth taking a closer look at the key changes.
Overall, PCI DSS v4.0 focuses on critical aspects such as encryption, authentication, network segmentation, and vulnerability testing, so that businesses are better equipped to handle modern, increasingly sophisticated security threats.
◾ One of the key changes is the introduction of a flexible compliance approach. This means merchants can choose security measures that best fit their specific needs and risks. This approach is well-aligned with how businesses today manage their security challenges. In the same way that authentication frameworks are becoming more adaptive to varying levels of risk, other security measures are also evolving to be more context-specific and scalable.
◾ Another key update focuses on the Stronger Authentication framework. Multi-factor authentication (MFA) is now mandatory for all accounts accessing sensitive payment systems, including remote administrative access. Specifically, MFA is required for all accounts that interact with the Cardholder Data Environment (CDE).
◾ Stronger encryption and better key management are now essential. Businesses must use modern encryption methods instead of outdated ones. They also need to improve how encryption keys are created, shared, and stored to reduce the risk of data breaches and unauthorised access.
◾ Given the industry’s shift towards real-time data processing, the latest guidelines also encourage automated monitoring and the use of tools that enable businesses to detect and flag non-compliance in real time.