Are you wondering which deadlines for PCI DSS have passed and which ones are upcoming?  Unfortunately, in most cases the deadlines you are looking for are in the past, with some exceptions.  That’s one of management’s challenges to PCI.

Manager: “Tell me what the date is, and I’ll work toward the date.”

You: “More than a year ago.”

Manager: “I can’t manage to that. Go get an extension and tell me that date.”

Events Calendar, by Yandle

Events Calendar, by Yandle

At this point, you pretty much should just make up a date.  Sure, an acquirer can give you a date, as can some payment brands, if you pick up the phone and call them. It does not ultimately mean anything if you are breached tomorrow.

For those dates in the future, Visa has the BEST communication plan and information site for you to reference.  Not all payment brands have quite realized the benefit of allowing their information to flow freely to all of the key stake holders, not just their members.

Visa recently modified their list of dates to clarify that All attended POS PIN acceptance devices must pass testing by a PCI-recognized lab by 7/1/2010.  Are you aware of the other big dates that are coming up?  One that is causing much consternation in the fuel industry is the TDES Mandate for all PIN-Debit transactions to use TDES as the underlying encryption algorithm—also due on 7/1/2010.

One thing to remember, these are ONLY Visa dates (which may or may not include Visa EU), and any other dates communicated or published by other payment brands may be different.  Using the Visa dates as a benchmark may be your best bet.

This post originally appeared on

Possibly Related Posts: