On Oct. 1, 2008, the Payment Card Industry ("PCI") Security Standards Council released v. 1.2 of the PCI Data Security Standard ("PCI DSS"). Version 1.2 does not introduce any major new requirements, but eliminates some redundant sub-requirements, clarifies certain areas, and introduces some flexibility into the existing elements. While v. 1.2 is effective immediately, the sunset date for v. 1.1 is December 31, 2008. This means that entities who are in the process of completing their PCI DSS assessments under v. 1.1 do not need to switch to the new version.

A copy of Version 1.2 and a summary of the changes are available at the PCI Security Standards Council website.