Frequently Asked Question

Is phishing-resistant authentication alone acceptable as multi-factor authentication for PCI DSS Requirements 8.4.1 and 8.4.3?

No, phishing-resistant authentication cannot be used without an additional authentication factor to meet Requirements 8.4.1 or 8.4.3 because of the increased risk with these types of access.

Use of phishing-resistant authentication is encouraged and recommended; however, to meet Requirements 8.4.1 and 8.4.3 for MFA, phishing-resistant authentication must be used with another factor (for example, a password, PIN, or biometric).

Frequently Asked Question

Frequently Asked Question

Is phishing-resistant authentication alone acceptable as multi-factor authentication for PCI DSS Requirements 8.4.1 and 8.4.3?

Featured FAQ Articles

Featured

Most Popular

Most Recently Updated

Copyright © 2006 – 2024 PCI Security Standards Council, LLC. All rights reserved. Terms and Conditions.

Frequently Asked Question

Is phishing-resistant authentication alone acceptable as multi-factor authentication for PCI DSS Requirements 8.4.1 and 8.4.3?

Related

Featured FAQ Articles

Featured

Most Popular

Most Recently Updated