PCI DSS 3.2.1 is the current gold standard for organizations that handle (collect, transmit, process, and store) cardholder data. Organizations of any size that accept, share, or store payment card data are required by law to comply with the PCI DSS 3.2.1 regulations or face penalties. The Central Bank of Nigeria (CBN) makes PCI DSS compliance mandatory in Nigeria. The Operations of Electronic Payment Channels guidelines state that all industry stakeholders who process and store cardholder information must ensure that their environment (applications and processing systems) meet the minimum requirements and standards of PCI DSS certification.

PCI DSS v.4.0 is the next significant evolution of the PCI DSS framework; the PCI Security Standards Council has made some information on the changes and the goals driving the PCI DSS v.4.0. It focus on addressing the evolving threats to the payments ecosystem and how these threats have changed over time, how the technologies used for payments processing have changed since the last major release, and how the security methods and technologies have been developed to address these threats have evolved. The PCI DSS v4.0 is set to achieve the following set objectives;
1. Ensure the standard continues to meet the security needs of the payments industry
2. Add flexibility and support of different methodologies to achieve security.
3. Promote security as a continuous process
4. Enhance validation methods and procedures

However, it is the responsibility of all organizations to see to their compliance to the PCI DSS regularly.