{"id":3688,"date":"2025-06-19T10:59:28","date_gmt":"2025-06-19T10:59:28","guid":{"rendered":"https:\/\/certera.com\/blog\/?p=3688"},"modified":"2025-06-19T10:59:31","modified_gmt":"2025-06-19T10:59:31","slug":"pci-dss-4-0-compliance-everything-to-know-about-new-compliance-checklist","status":"publish","type":"post","link":"https:\/\/certera.com\/blog\/pci-dss-4-0-compliance-everything-to-know-about-new-compliance-checklist\/","title":{"rendered":"PCI DSS 4.0 Compliance: Everything to Know About New Compliance Checklist"},"content":{"rendered":"\n<h2 class=\"wp-block-heading\" id=\"h-introduction\">Introduction<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">However quickly new technologies and payment solutions appear, one thing has not changed at all: security remains extremely important.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">For many years, PCI DSS has been the standard against which organizations compare their payment card data security programs. For this reason, PCI DSS 4.0 has been rolled out with much fanfare and a promise to make compliance more straightforward.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">This article focuses on understanding PCI DSS 4.0 compliance. 
It also discusses the main changes, the new obligations, and their implications for companies that process payment card data.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Whether you own a small e-shop offering books and gadgets or run a huge financial institution, you must know about these changes to stay in line with the rules and to safeguard your clients\u2019 data.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-understanding-pci-dss-4-0\">Understanding PCI DSS 4.0<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">PCI DSS 4.0 is the latest version of the <a href=\"https:\/\/certera.com\/blog\/what-is-pci-compliance-12-requirements-of-pci-dss-compliance\/\">Payment Card Industry Data Security Standard<\/a>. Let&#8217;s break down what this means:<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-what-is-pci-dss\">What is PCI DSS?<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">PCI DSS is a set of guidelines meant to bring security to organizations that are in some way in charge of credit card data. It was set up by the leading credit card organizations. 
It was originally designed to cut down on credit card theft and identity theft.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-key-objectives-of-pci-dss-4-0\">Key Objectives of PCI DSS 4.0<\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Enhance security<\/li>\n\n\n\n<li>Increase flexibility in how the requirements are met<\/li>\n\n\n\n<li>Promote security as an ongoing process<\/li>\n\n\n\n<li>Drive security innovation<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-major-changes-in-pci-dss-4-0\">Major Changes in PCI DSS 4.0<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">PCI DSS 4.0 brings several significant changes:<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-flexible-approach\">Flexible Approach<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Brings in a new approach type, the \u201c<strong>Customized Approach<\/strong>\u201d, in addition to the \u201c<strong>Defined Approach<\/strong>\u201d.<\/li>\n\n\n\n<li>Enables the organization to put alternative controls in place<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-enhanced-authentication\">Enhanced Authentication<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Requires strong access control methods, such as user ID and password, for everyone who has access to cardholder data<\/li>\n\n\n\n<li>Strengthens password requirements<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-expanded-applicability\">Expanded Applicability<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Extends applicability to include new methods and means of payment<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-increased-focus-on-security-culture\">Increased Focus on Security Culture<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Emphasizes security awareness training<\/li>\n\n\n\n<li>Encourages treating security as a primary priority throughout organizations<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" 
id=\"h-risk-analysis-requirements\">Risk Analysis Requirements<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Mandates regular risk assessments<\/li>\n\n\n\n<li>Encourages identifying security risks proactively<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-pci-dss-4-0-requirements-a-closer-look\">PCI DSS 4.0 Requirements: A Closer Look<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">PCI DSS 4.0 maintains the 12 core requirements but with significant updates:<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-requirement-1-install-and-maintain-network-security-controls\">Requirement 1: Install and Maintain Network Security Controls<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Broadens the scope from firewalls alone to any type of network security control<\/li>\n\n\n\n<li>Sets out principles and places strong emphasis on segmenting the networks that hold cardholder data<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-requirement-2-deploy-only-security-configurations\">Requirement 2: Deploy Only Secure Configurations<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Tightens the measures that apply to system hardening<\/li>\n\n\n\n<li>Includes detailed advice applicable to cloud solutions<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-requirement-3-safeguard-the-data-stored-on-the-client-s-account\">Requirement 3: Protect Stored Account Data<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Improves the requirements for encryption key management<\/li>\n\n\n\n<li>Introduces new controls for the protection of cryptographic keys<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-requirement-4-protect-cardholder-data-with-strong-cryptography\">Requirement 4: Protect Cardholder Data with Strong Cryptography<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Amends how encryption is applied to data in transit<\/li>\n\n\n\n<li>Introduces 
new controls for point-to-point encryption<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-requirement-5-ensure-no-particular-system-root-is-under-the-control-of-malware\">Requirement 5: Protect All Systems and Networks from Malicious Software<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Expands the threats covered beyond viruses to include other kinds of malicious programs.<\/li>\n\n\n\n<li>Introduces requirements for detecting all malware on systems.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-requirement-6-create-inherent-security-within-systems-and-software\">Requirement 6: Create Inherent Security within Systems and Software<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Extends and strengthens requirements relating to secure coding.<\/li>\n\n\n\n<li>Introduces new controls for web application firewalls<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-requirement-7-restrict-access-to-system-components\">Requirement 7: Restrict Access to System Components<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Strengthens access control requirements<\/li>\n\n\n\n<li>Reinforces the use of the principle of \u201c<strong>Least Privilege<\/strong>\u201d<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-requirement-8-determination-of-users-and-control-of-user-access\">Requirement 8: Determination of Users and Control of User Access<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Expands <a href=\"https:\/\/certera.com\/blog\/common-multi-factor-authentication-mfa-risk-and-vulnerabilities\/\">multi-factor authentication<\/a> requirements<\/li>\n\n\n\n<li>Introduces new rules for passwords, such as the characters that passwords must include.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-requirement-9-control-of-physical-access\">Requirement 9: Control of Physical Access<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Strengthens the requirements for physical security 
controls<\/li>\n\n\n\n<li>Offers new guidance for remote work environments, reflecting the widespread adoption of remote work arrangements.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-requirement-10-implement-logging-for-access-by-system-users-and-monitor-these-accesses\">Requirement 10: Implement Logging for Access by System Users and Monitor these Accesses<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Expands logging requirements<\/li>\n\n\n\n<li>Creates new checks that allow anomalies to be detected<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-requirement-11-assess-systems-network-security\">Requirement 11: Assess Systems\/Network Security<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Improves the requirements for <a href=\"https:\/\/certera.com\/services\/vulnerability-scanning-patching\">vulnerability scanning<\/a> and penetration testing.<\/li>\n\n\n\n<li>Introduces new kinds of controls for ongoing security monitoring.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-requirement-12-organize-information-security-in-compliance-with-organizational-policies\">Requirement 12: Organize Information Security in Compliance with Organizational Policies<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Extends some of the security awareness training requirements.<\/li>\n\n\n\n<li>Introduces new controls for managing service providers.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-key-differences-pci-dss-4-0-vs-3-2-1\">Key Differences: PCI DSS 4.0 vs. 
3.2.1<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Understanding the changes from 3.2.1 to 4.0 is crucial:<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-structure-and-flexibility\">Structure and Flexibility<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>3.2.1:<\/strong> Prescriptive approach<\/li>\n\n\n\n<li><strong>4.0:<\/strong> Introduces flexibility with &#8220;Customized Approach&#8221;<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-authentication\">Authentication<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>3.2.1:<\/strong> MFA required for non-console admin access<\/li>\n\n\n\n<li><strong>4.0:<\/strong> MFA required for all access to the cardholder data environment<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-encryption\">Encryption<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>3.2.1:<\/strong> Focus on data in transit over open networks<\/li>\n\n\n\n<li><strong>4.0:<\/strong> Expanded requirements for all transmissions of cardholder data<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-risk-assessment\">Risk Assessment<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>3.2.1:<\/strong> Limited risk assessment requirements<\/li>\n\n\n\n<li><strong>4.0:<\/strong> Mandates regular, comprehensive risk assessments<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-cloud-security\">Cloud Security<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>3.2.1:<\/strong> Limited guidance on cloud environments<\/li>\n\n\n\n<li><strong>4.0:<\/strong> Introduces specific requirements for cloud security<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-implementation-timeline-for-pci-dss-4-0\">Implementation Timeline for PCI DSS 4.0<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Understanding the timeline is crucial for compliance:<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-march-31-2024\">March 31, 2024<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>PCI DSS 3.2.1 
Retired<\/li>\n\n\n\n<li>PCI DSS 4.0 becomes the active version<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-march-31-2025\">March 31, 2025<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>New requirements become effective<\/li>\n\n\n\n<li>Organizations must comply with all PCI DSS 4.0 requirements<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-steps-to-achieve-pci-dss-4-0-compliance\">Steps to Achieve PCI DSS 4.0 Compliance<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-understand-the-changes\">Understand the Changes<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Review the new standard thoroughly<\/li>\n\n\n\n<li>Identify gaps between current practices and new requirements<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-perform-a-gap-analysis\">Perform a Gap Analysis<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Assess current compliance status<\/li>\n\n\n\n<li>Identify areas needing improvement<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-develop-an-implementation-plan\">Develop an Implementation Plan<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Create a roadmap for addressing gaps<\/li>\n\n\n\n<li>Prioritize critical areas<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-update-security-policies-and-procedures\">Update Security Policies and Procedures<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Revise documentation to align with new requirements<\/li>\n\n\n\n<li>Ensure all stakeholders are informed of changes<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-enhance-security-controls\">Enhance Security Controls<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Implement new required controls<\/li>\n\n\n\n<li>Upgrade existing controls as needed<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-conduct-risk-assessments\">Conduct Risk Assessments<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Perform comprehensive risk analyses<\/li>\n\n\n\n<li>Document findings and mitigation 
strategies<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-train-staff\">Train Staff<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Update security awareness training programs<\/li>\n\n\n\n<li>Ensure all employees understand the new requirements<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-test-and-validate\">Test and Validate<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Conduct internal audits<\/li>\n\n\n\n<li>Perform penetration testing and vulnerability scans<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-engage-with-a-qsa\">Engage with a QSA<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Work with a Qualified Security Assessor for guidance<\/li>\n\n\n\n<li>Prepare for formal assessment<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-continuous-monitoring-and-improvement\">Continuous Monitoring and Improvement<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Implement ongoing monitoring processes<\/li>\n\n\n\n<li>Regularly review and update security measures<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-benefits-of-pci-dss-4-0-compliance\">Benefits of PCI DSS 4.0 Compliance<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Adhering to PCI DSS 4.0 offers several advantages:<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-enhanced-security-posture\">Enhanced Security Posture<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Stronger protection against evolving threats<\/li>\n\n\n\n<li>Reduced risk of data breaches<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-flexibility-in-implementation\">Flexibility in Implementation<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>A customized approach allows for tailored security measures<\/li>\n\n\n\n<li>Better alignment with organizational needs<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-improved-customer-trust\">Improved Customer Trust<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Demonstrates commitment to data 
protection<\/li>\n\n\n\n<li>This can lead to increased customer confidence<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-reduced-financial-risk\">Reduced Financial Risk<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Minimizes potential costs associated with data breaches<\/li>\n\n\n\n<li>Avoids hefty non-compliance fines<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-competitive-advantage\">Competitive Advantage<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Sets organizations apart in security-conscious markets<\/li>\n\n\n\n<li>Can be a selling point for security-aware customers<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-challenges-in-pci-dss-4-0-implementation\">Challenges in PCI DSS 4.0 Implementation<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">While beneficial, compliance comes with challenges:<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-increased-complexity\">Increased Complexity<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>New requirements add layers of complexity<\/li>\n\n\n\n<li>May require additional resources and expertise<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-cost-implications\">Cost Implications<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Implementing new controls can be costly<\/li>\n\n\n\n<li>May require investment in new technologies<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-organizational-changes\">Organizational Changes<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Might necessitate changes in business processes<\/li>\n\n\n\n<li>Could require restructuring of IT environments<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-skill-gap\">Skill Gap<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>New requirements may demand new skillsets<\/li>\n\n\n\n<li>Training and possibly new hires may be necessary<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-continuous-compliance-efforts\">Continuous Compliance Efforts<\/h3>\n\n\n\n<ul 
class=\"wp-block-list\">\n<li>Emphasis on ongoing security requires constant attention<\/li>\n\n\n\n<li>May strain resources in smaller organizations<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-tools-and-resources-for-pci-dss-4-0-compliance\">Tools and Resources for PCI DSS 4.0 Compliance<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Several resources can aid in achieving compliance:<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-official-pci-ssc-documentation\">Official PCI SSC Documentation<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>PCI DSS 4.0 Standard<\/li>\n\n\n\n<li>Supporting guidance documents<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-compliance-management-software\">Compliance Management Software<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Tools for tracking compliance status<\/li>\n\n\n\n<li>Automated assessment capabilities<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-vulnerability-scanning-tools\">Vulnerability Scanning Tools<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Network and application scanners<\/li>\n\n\n\n<li><a href=\"https:\/\/certera.com\/sitelock\">Cloud security posture management tools<\/a><\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-penetration-testing-services\">Penetration Testing Services<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>External <a href=\"https:\/\/certera.com\/services\/security-services\">penetration testing firms<\/a><\/li>\n\n\n\n<li>Internal testing tools and frameworks<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-security-information-and-event-management-siem-systems\">Security Information and Event Management (SIEM) Systems<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>For log management and monitoring<\/li>\n\n\n\n<li>Aids in detecting security incidents<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-training-resources\">Training Resources<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>PCI SSC training 
programs<\/li>\n\n\n\n<li>Third-party security awareness training platforms<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-conclusion\">Conclusion<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">PCI DSS 4.0 introduces a major change to payment card security standards. It brings improved flexibility, an emphasis on continuous security, and stronger authentication. These changes are significant because modern-day threats, enabled by more advanced technology, require new and better mechanisms for combating them.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Are you prepared to reinforce your payment security? Our experts can assist you in protecting your payment systems and moving towards PCI DSS 4.0 compliance. It is that simple to increase the safety of your customers and, in turn, your business today!<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-frequently-asked-questions\">Frequently Asked Questions<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-when-do-i-need-to-be-compliant-with-pci-dss-4-0\">When do I need to be compliant with PCI DSS 4.0?<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Full compliance with PCI DSS 4.0 is required by March 31, 2025. 
However, it&#8217;s recommended to start the transition process as soon as possible.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-how-often-do-i-need-to-perform-risk-assessments-under-pci-dss-4-0\">How often do I need to perform risk assessments under PCI DSS 4.0?<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">PCI DSS 4.0 mandates that organizations carry out specific risk analyses at least once a year and whenever the environment changes drastically.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-can-small-businesses-use-the-customized-approach-in-pci-dss-4-0\">Can small businesses use the &#8220;Customized Approach&#8221; in PCI DSS 4.0?<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Yes, but it is more complex. For most small businesses, the \u201cDefined Approach\u201d may be easier to implement, especially when there are no local requirements for having a tailored security plan.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-does-pci-dss-4-0-require-changes-to-how-we-handle-e-commerce-transactions\">Does PCI DSS 4.0 require changes to how we handle e-commerce transactions?<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Yes, there are new and more stringent rules for e-commerce security, payment scripts, and third-party libraries.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-how-does-pci-dss-4-0-address-cloud-computing\">How does PCI DSS 4.0 address Cloud Computing?<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">PCI DSS 4.0 provides additional detailed direction on cloud technologies, including shared responsibility models and security features that are specific to cloud environments.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Introduction Possibly one of the most important things that have not changed at all is that, regardless of the constant growth of new technologies and new payment solutions, the issue of security remains extremely important. 
The standard with which organizations have been comparing their payment card data security programs for many years is the PCI<span class=\"morelink d-block mt-3\"><a href=\"https:\/\/certera.com\/blog\/pci-dss-4-0-compliance-everything-to-know-about-new-compliance-checklist\/\">Read More<\/a><\/span><\/p>\n","protected":false},"author":1,"featured_media":3689,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26,19],"tags":[703,704],"class_list":["post-3688","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-consulting-services","category-website-security","tag-pci-dss-4-0-compliance","tag-pci-dss-4-0-requirements","entry"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.9 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>PCI DSS 4.0 Compliance: Benefits, Requirements, Challenges<\/title>\n<meta name=\"description\" content=\"PCI 4.0 is the latest version of PCI DSS. Explore the 12 requirements, quick steps to take toward PCI DSS v4.0, challenges and benefits.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/certera.com\/blog\/pci-dss-4-0-compliance-everything-to-know-about-new-compliance-checklist\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"PCI DSS 4.0 Compliance: Benefits, Requirements, Challenges\" \/>\n<meta property=\"og:description\" content=\"PCI 4.0 is the latest version of PCI DSS. 
Explore the 12 requirements, quick steps to take toward PCI DSS v4.0, challenges and benefits.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/certera.com\/blog\/pci-dss-4-0-compliance-everything-to-know-about-new-compliance-checklist\/\" \/>\n<meta property=\"og:site_name\" content=\"EncryptedFence by Certera - Web &amp; Cyber Security Blog\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/certeraLLC\/\" \/>\n<meta property=\"article:published_time\" content=\"2025-06-19T10:59:28+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-06-19T10:59:31+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/certera.com\/blog\/wp-content\/uploads\/2025\/06\/pci-dss-4-0-compliance.webp\" \/>\n\t<meta property=\"og:image:width\" content=\"960\" \/>\n\t<meta property=\"og:image:height\" content=\"620\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Janki Mehta\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@certera_llc\" \/>\n<meta name=\"twitter:site\" content=\"@certera_llc\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Janki Mehta\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. 
reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"8 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/pci-dss-4-0-compliance-everything-to-know-about-new-compliance-checklist\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/pci-dss-4-0-compliance-everything-to-know-about-new-compliance-checklist\\\/\"},\"author\":{\"name\":\"Janki Mehta\",\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/#\\\/schema\\\/person\\\/e5a476aa90d9e02260ebfe4b0bf046b7\"},\"headline\":\"PCI DSS 4.0 Compliance: Everything to Know About New Compliance Checklist\",\"datePublished\":\"2025-06-19T10:59:28+00:00\",\"dateModified\":\"2025-06-19T10:59:31+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/pci-dss-4-0-compliance-everything-to-know-about-new-compliance-checklist\\\/\"},\"wordCount\":1530,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/pci-dss-4-0-compliance-everything-to-know-about-new-compliance-checklist\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/certera.com\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/06\\\/pci-dss-4-0-compliance.webp\",\"keywords\":[\"PCI DSS 4.0 Compliance\",\"PCI DSS 4.0 Requirements\"],\"articleSection\":[\"Consulting Services\",\"Website 
Security\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/certera.com\\\/blog\\\/pci-dss-4-0-compliance-everything-to-know-about-new-compliance-checklist\\\/#respond\"]}],\"copyrightYear\":\"2025\",\"copyrightHolder\":{\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/#organization\"}},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/pci-dss-4-0-compliance-everything-to-know-about-new-compliance-checklist\\\/\",\"url\":\"https:\\\/\\\/certera.com\\\/blog\\\/pci-dss-4-0-compliance-everything-to-know-about-new-compliance-checklist\\\/\",\"name\":\"PCI DSS 4.0 Compliance: Benefits, Requirements, Challenges\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/pci-dss-4-0-compliance-everything-to-know-about-new-compliance-checklist\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/pci-dss-4-0-compliance-everything-to-know-about-new-compliance-checklist\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/certera.com\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/06\\\/pci-dss-4-0-compliance.webp\",\"datePublished\":\"2025-06-19T10:59:28+00:00\",\"dateModified\":\"2025-06-19T10:59:31+00:00\",\"description\":\"PCI 4.0 is the latest version of PCI DSS. 
Explore the 12 requirements, quick steps to take toward PCI DSS v4.0, challenges and benefits.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/pci-dss-4-0-compliance-everything-to-know-about-new-compliance-checklist\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/certera.com\\\/blog\\\/pci-dss-4-0-compliance-everything-to-know-about-new-compliance-checklist\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/pci-dss-4-0-compliance-everything-to-know-about-new-compliance-checklist\\\/#primaryimage\",\"url\":\"https:\\\/\\\/certera.com\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/06\\\/pci-dss-4-0-compliance.webp\",\"contentUrl\":\"https:\\\/\\\/certera.com\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/06\\\/pci-dss-4-0-compliance.webp\",\"width\":960,\"height\":620,\"caption\":\"PCI DSS 4.0 Compliance Explained\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/pci-dss-4-0-compliance-everything-to-know-about-new-compliance-checklist\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/certera.com\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"PCI DSS 4.0 Compliance: Everything to Know About New Compliance Checklist\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/certera.com\\\/blog\\\/\",\"name\":\"EncryptedFence by Certera - Web & Cyber Security Blog\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/#organization\"},\"alternateName\":\"Certera's EncryptedFence 
Blog\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/certera.com\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/#organization\",\"name\":\"Certera\",\"url\":\"https:\\\/\\\/certera.com\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/certera.com\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/08\\\/logo-encryptedfence.svg\",\"contentUrl\":\"https:\\\/\\\/certera.com\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/08\\\/logo-encryptedfence.svg\",\"caption\":\"Certera\"},\"image\":{\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/certeraLLC\\\/\",\"https:\\\/\\\/x.com\\\/certera_llc\",\"https:\\\/\\\/www.linkedin.com\\\/company\\\/certera-llc\\\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/#\\\/schema\\\/person\\\/e5a476aa90d9e02260ebfe4b0bf046b7\",\"name\":\"Janki 
Mehta\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/1fba817ef81065f1393461fc3a0d85c40f2cc826919819ea4df4b12d76566e62?s=96&d=https%3A%2F%2Fcertera.com%2Fblog%2Fwp-content%2Fuploads%2F2023%2F02%2Fhttps-vs-sftp-jpg.webp&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/1fba817ef81065f1393461fc3a0d85c40f2cc826919819ea4df4b12d76566e62?s=96&d=https%3A%2F%2Fcertera.com%2Fblog%2Fwp-content%2Fuploads%2F2023%2F02%2Fhttps-vs-sftp-jpg.webp&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/1fba817ef81065f1393461fc3a0d85c40f2cc826919819ea4df4b12d76566e62?s=96&d=https%3A%2F%2Fcertera.com%2Fblog%2Fwp-content%2Fuploads%2F2023%2F02%2Fhttps-vs-sftp-jpg.webp&r=g\",\"caption\":\"Janki Mehta\"},\"description\":\"Janki Mehta is a passionate Cyber-Security Enthusiast who keenly monitors the latest developments in the Web\\\/Cyber Security industry. She puts her knowledge into practice and helps web users by arming them with the necessary security measures to stay safe in the digital world.\",\"sameAs\":[\"https:\\\/\\\/certerassl.com\\\/\"],\"url\":\"https:\\\/\\\/certera.com\\\/blog\\\/author\\\/certerabguser\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"PCI DSS 4.0 Compliance: Benefits, Requirements, Challenges","description":"PCI 4.0 is the latest version of PCI DSS. Explore the 12 requirements, quick steps to take toward PCI DSS v4.0, challenges and benefits.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/certera.com\/blog\/pci-dss-4-0-compliance-everything-to-know-about-new-compliance-checklist\/","og_locale":"en_US","og_type":"article","og_title":"PCI DSS 4.0 Compliance: Benefits, Requirements, Challenges","og_description":"PCI 4.0 is the latest version of PCI DSS. 
Explore the 12 requirements, quick steps to take toward PCI DSS v4.0, challenges and benefits.","og_url":"https:\/\/certera.com\/blog\/pci-dss-4-0-compliance-everything-to-know-about-new-compliance-checklist\/","og_site_name":"EncryptedFence by Certera - Web &amp; Cyber Security Blog","article_publisher":"https:\/\/www.facebook.com\/certeraLLC\/","article_published_time":"2025-06-19T10:59:28+00:00","article_modified_time":"2025-06-19T10:59:31+00:00","og_image":[{"width":960,"height":620,"url":"https:\/\/certera.com\/blog\/wp-content\/uploads\/2025\/06\/pci-dss-4-0-compliance.webp","type":"image\/jpeg"}],"author":"Janki Mehta","twitter_card":"summary_large_image","twitter_creator":"@certera_llc","twitter_site":"@certera_llc","twitter_misc":{"Written by":"Janki Mehta","Est. reading time":"8 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/certera.com\/blog\/pci-dss-4-0-compliance-everything-to-know-about-new-compliance-checklist\/#article","isPartOf":{"@id":"https:\/\/certera.com\/blog\/pci-dss-4-0-compliance-everything-to-know-about-new-compliance-checklist\/"},"author":{"name":"Janki Mehta","@id":"https:\/\/certera.com\/blog\/#\/schema\/person\/e5a476aa90d9e02260ebfe4b0bf046b7"},"headline":"PCI DSS 4.0 Compliance: Everything to Know About New Compliance Checklist","datePublished":"2025-06-19T10:59:28+00:00","dateModified":"2025-06-19T10:59:31+00:00","mainEntityOfPage":{"@id":"https:\/\/certera.com\/blog\/pci-dss-4-0-compliance-everything-to-know-about-new-compliance-checklist\/"},"wordCount":1530,"commentCount":0,"publisher":{"@id":"https:\/\/certera.com\/blog\/#organization"},"image":{"@id":"https:\/\/certera.com\/blog\/pci-dss-4-0-compliance-everything-to-know-about-new-compliance-checklist\/#primaryimage"},"thumbnailUrl":"https:\/\/certera.com\/blog\/wp-content\/uploads\/2025\/06\/pci-dss-4-0-compliance.webp","keywords":["PCI DSS 4.0 Compliance","PCI DSS 4.0 Requirements"],"articleSection":["Consulting 
Services","Website Security"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/certera.com\/blog\/pci-dss-4-0-compliance-everything-to-know-about-new-compliance-checklist\/#respond"]}],"copyrightYear":"2025","copyrightHolder":{"@id":"https:\/\/certera.com\/blog\/#organization"}},{"@type":"WebPage","@id":"https:\/\/certera.com\/blog\/pci-dss-4-0-compliance-everything-to-know-about-new-compliance-checklist\/","url":"https:\/\/certera.com\/blog\/pci-dss-4-0-compliance-everything-to-know-about-new-compliance-checklist\/","name":"PCI DSS 4.0 Compliance: Benefits, Requirements, Challenges","isPartOf":{"@id":"https:\/\/certera.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/certera.com\/blog\/pci-dss-4-0-compliance-everything-to-know-about-new-compliance-checklist\/#primaryimage"},"image":{"@id":"https:\/\/certera.com\/blog\/pci-dss-4-0-compliance-everything-to-know-about-new-compliance-checklist\/#primaryimage"},"thumbnailUrl":"https:\/\/certera.com\/blog\/wp-content\/uploads\/2025\/06\/pci-dss-4-0-compliance.webp","datePublished":"2025-06-19T10:59:28+00:00","dateModified":"2025-06-19T10:59:31+00:00","description":"PCI 4.0 is the latest version of PCI DSS. 
Explore the 12 requirements, quick steps to take toward PCI DSS v4.0, challenges and benefits.","breadcrumb":{"@id":"https:\/\/certera.com\/blog\/pci-dss-4-0-compliance-everything-to-know-about-new-compliance-checklist\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/certera.com\/blog\/pci-dss-4-0-compliance-everything-to-know-about-new-compliance-checklist\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/certera.com\/blog\/pci-dss-4-0-compliance-everything-to-know-about-new-compliance-checklist\/#primaryimage","url":"https:\/\/certera.com\/blog\/wp-content\/uploads\/2025\/06\/pci-dss-4-0-compliance.webp","contentUrl":"https:\/\/certera.com\/blog\/wp-content\/uploads\/2025\/06\/pci-dss-4-0-compliance.webp","width":960,"height":620,"caption":"PCI DSS 4.0 Compliance Explained"},{"@type":"BreadcrumbList","@id":"https:\/\/certera.com\/blog\/pci-dss-4-0-compliance-everything-to-know-about-new-compliance-checklist\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/certera.com\/blog\/"},{"@type":"ListItem","position":2,"name":"PCI DSS 4.0 Compliance: Everything to Know About New Compliance Checklist"}]},{"@type":"WebSite","@id":"https:\/\/certera.com\/blog\/#website","url":"https:\/\/certera.com\/blog\/","name":"EncryptedFence by Certera - Web & Cyber Security Blog","description":"","publisher":{"@id":"https:\/\/certera.com\/blog\/#organization"},"alternateName":"Certera's EncryptedFence 
Blog","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/certera.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/certera.com\/blog\/#organization","name":"Certera","url":"https:\/\/certera.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/certera.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/certera.com\/blog\/wp-content\/uploads\/2023\/08\/logo-encryptedfence.svg","contentUrl":"https:\/\/certera.com\/blog\/wp-content\/uploads\/2023\/08\/logo-encryptedfence.svg","caption":"Certera"},"image":{"@id":"https:\/\/certera.com\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/certeraLLC\/","https:\/\/x.com\/certera_llc","https:\/\/www.linkedin.com\/company\/certera-llc\/"]},{"@type":"Person","@id":"https:\/\/certera.com\/blog\/#\/schema\/person\/e5a476aa90d9e02260ebfe4b0bf046b7","name":"Janki Mehta","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/1fba817ef81065f1393461fc3a0d85c40f2cc826919819ea4df4b12d76566e62?s=96&d=https%3A%2F%2Fcertera.com%2Fblog%2Fwp-content%2Fuploads%2F2023%2F02%2Fhttps-vs-sftp-jpg.webp&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/1fba817ef81065f1393461fc3a0d85c40f2cc826919819ea4df4b12d76566e62?s=96&d=https%3A%2F%2Fcertera.com%2Fblog%2Fwp-content%2Fuploads%2F2023%2F02%2Fhttps-vs-sftp-jpg.webp&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/1fba817ef81065f1393461fc3a0d85c40f2cc826919819ea4df4b12d76566e62?s=96&d=https%3A%2F%2Fcertera.com%2Fblog%2Fwp-content%2Fuploads%2F2023%2F02%2Fhttps-vs-sftp-jpg.webp&r=g","caption":"Janki Mehta"},"description":"Janki Mehta is a passionate Cyber-Security Enthusiast who keenly monitors the latest developments in the Web\/Cyber Security industry. 
She puts her knowledge into practice and helps web users by arming them with the necessary security measures to stay safe in the digital world.","sameAs":["https:\/\/certerassl.com\/"],"url":"https:\/\/certera.com\/blog\/author\/certerabguser\/"}]}},"_links":{"self":[{"href":"https:\/\/certera.com\/blog\/wp-json\/wp\/v2\/posts\/3688","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/certera.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/certera.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/certera.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/certera.com\/blog\/wp-json\/wp\/v2\/comments?post=3688"}],"version-history":[{"count":6,"href":"https:\/\/certera.com\/blog\/wp-json\/wp\/v2\/posts\/3688\/revisions"}],"predecessor-version":[{"id":3699,"href":"https:\/\/certera.com\/blog\/wp-json\/wp\/v2\/posts\/3688\/revisions\/3699"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/certera.com\/blog\/wp-json\/wp\/v2\/media\/3689"}],"wp:attachment":[{"href":"https:\/\/certera.com\/blog\/wp-json\/wp\/v2\/media?parent=3688"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/certera.com\/blog\/wp-json\/wp\/v2\/categories?post=3688"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/certera.com\/blog\/wp-json\/wp\/v2\/tags?post=3688"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}