PCI DSS to Focus on Phishing-Resistant Authentication

PCI Security Standards Council's Yew Kuann Cheng on Moving to the Latest Version Suparna Goswami (gsuparna) • January 8, 2025

While PCI DSS 4.0 tackled evolving threats, the newly introduced version 4.0.1 focuses on phishing-resistant authentication factors. Yew Kuann Cheng, regional vice president for the Asia Pacific region at PCI Security Standards Council, shared insights on adapting to the new requirements and the role of MFA in security.

See Also: Datos Insights Report: Transforming Onboarding Experiences While Reducing Friction and Fraud

"One very interesting update in version 4.0.1 is the recognition of phishing-resistant authentication factors," Cheng said. "For companies who have adopted leading technology to protect themselves from phishing attacks, these companies can use that as a way to satisfy MFA requirements more easily."

MFA works effectively only when implemented correctly, Cheng said. He urges organizations to follow the guidelines meticulously and move away from ...