Thursday, March 26, 2015

SSL is dead: what to do for PCI DSS Compliance

Author - Swati Sharma

Feb 2015, PCI SSC bulletin on impending revisions to PCI DSS, PA-DSS has created turmoil in payment industry. PCI SSC has announced that they will be bringing newer version of PCI DSS 3.1 and PA DSS 3.1 and Secure Socket Layers (SSL) v3.0 protocol will be treated as no longer acceptable for protection of data due to inherent weaknesses within the protocol. PCI SSC has announced to release the new version of standards in April 2015.