PCI kills SSL

by chrisd | Feb 24, 2015 | Blog

SSL v3.0 is no longer allowed

The PCI Security Standards Council will soon release an update to PCI DSS to disallow the use of SSL v3.0 for protecting cardholder data.

Due to “inherent weaknesses in the protocol,” no version of SSL meets the council’s definition of “strong cryptography,” according to a council bulletin. The council will soon release PCI DSS v3.1 to document the new exclusion.

When released, PCI DSS v3.1 will be effective immediately, but the updated requirements will be “future dated” to allow organizations time to transition. See more details in the council’s bulletin.

← Are your browser transactions secure? The TekReport March 2015 →

OUR SERVICES

COMPANY

CONTACT US

BACKUP & DISASTER RECOVERY

Technology Management

CLOUD SERVICES

VOICE SOLUTIONS

CYBERSECURITY

Email and Spam Protection

Small Business IT

Microsoft 365

About Us

Meet the Team

Testimonials

Blog

Careers

Webinars

Support

Contact Us

PCI kills SSL

SSL v3.0 is no longer allowed

SERVING SOUTHERN OREGON AND NORTHERN CALIFORNIA

CALL US TODAY FOR A FREE TECHNOLOGY ASSESSMENT

(541) 779-4777

HOW TO FIND US

SERVICES

NAVIGATE

CONTACT SUPPORT

Sign up for our e-news