Adobe will discontinue PCI DSS Service Provider Certification of Adobe Document Cloud PDF Services effective June 30, 2021. This notice does not impact PCI DSS Certification supported by other Adobe products and services.
The Payment Card Industry Digital Security Standard (PCI DSS) is a compliance standard that defines data security requirements relating to the processing, storage, or transmission of cardholder data. Learn more.
At a minimum, cardholder data consists of the full PAN. Cardholder data may also appear in the form of the full PAN plus any of the following: cardholder name, expiration date and service code. Learn more.
If you are using Document Cloud PDF Services to process or store documents that contain cardholder data, you will be affected. If you are not using Document Cloud PDF Services to process or store documents that contain cardholder data, you are not affected.
No, this only affects PDF Services and Document Cloud file storage, not Acrobat Sign. Adobe Acrobat Sign Solutions for Enterprise will still be PCI Certified.
No, this only affects PDF Services and Document Cloud file storage.
No, Document Cloud and PDF Services are still secure, and your data is safe with us. We have examined customer use cases and workflows, and we are moving Document Cloud in a direction that is incompatible with processing and storing cardholder data. Learn more.
If you are subject to PCI DSS compliance, remove any content that has cardholder data from Document Cloud before June 30, 2021. You may need to change any workflows or processes to prevent this information from being stored in Document Cloud in the future. You can independently consult a compliance officer for any other steps that you should take to maintain your PCI DSS compliance.
We are not making changes right now. But starting July 1, 2021, we will begin making changes to Document Cloud services that will not be compatible with PCI DSS.
No. This only affects Document Cloud storage and PDF services.
No, because you are already avoiding storing cardholder data in Document Cloud, this will not affect your compliance.