FAQs

Previous versions of the PCI DSS were very specific in that they require the use of compensating controls where the 12 PCI DSS requirements could not be met. The latest version allows for more flexibility, around adopting new technologies or security solutions to achieve compliance in place of compensating controls.

Essentially, the 12 core requirements of the PCI DSS haven’t changed, rather they have evolved to take into account advancements in security technology, risk mitigation techniques, and evolving threats. The changes strengthen security control requirements while at the same time adding flexibility to achieve compliance. This can be broken down into four key areas:

1. Continue to meet the security needs of the payments industry.
2. Promote security as a continuous process.
3. Increase flexibility for organizations using different methods to achieve security objectives.
4. Enhance validation methods and procedures.

PCI DSS v4.0 is the latest version of the Payment Card Industry Data Security Standard and was released on March 31^st 2022.

We follow a structured project delivery process that we’ve designed using PRinCE2 and PRinCE2 Agile methodology and then moulded from our own experience. We use ‘collaborative working’ project management tools where we can, and we’re happy for our PMs to use your own project management software if you prefer.

Our Agent Assist solution is very easy to understand from a user perspective. When the point of payment is reached in the call, the agent secures the line. PCI Pal’s secure cloud then captures all sensitive credit card details as it’s either spoken or entered via their telephone keypad without the agent hearing or seeing it, and it’s instantaneously sent to the payment provider for processing. Crucially, the voice path between the customer and agent remains open nearly all the time while this happens, so they can communicate should there be a problem. Watch the short video on our Agent Assist solution page to find out more.

Yes, we offer a dashboard overview for all customer call traffic and transactions. View our reporting capability overview here.

PCI DSS v3.2.1 will remain active until 31^st March 2024. This provides organizations time to become familiar with the new version, and plan for and implement the changes needed. Our PCI DSS v4.0 timeline provides a useful guide on key milestones you need to be aware of.

Delivery of your project is dependent on the solutions you have chosen and your specific requirements. We have delivered previous projects in as little as 4-6 weeks. We will always endeavor to deliver your project successfully and on time.