Website security standards are changing

Website security standards are changing

From 2018 June 30 Payment Card Institution (PCI) changes the requirements for data security standards (OSH). So how do website security standards change? By this date, services using SSL and older TLS (Transport Layer Security) should migrate to TLS 1.1 or later. It is recommended to migrate immediately to TLS 1.2.

What is PCI?

PCI – Payment Card Institution established to improve and understand security standards for the security of payment services. Founded by American Express, Discover Financial Services, JCB International, MasterCard, and Visa. And all these companies apply these standards in their cooperation requirements.

What is the risk of using an SSL or an older version of TLS?

Both data protection protocols have a number of serious security vulnerabilities and there is a high risk that the use of these protocols may be compromised. There is currently no solution for eliminating these gaps, so updating the protocols used to TLS 1.1 / 1.2 is very important.

What impact does it have on services?

These updates are particularly relevant for e-commerce sites that allow bank cards to be settled, as a change in the PCI requirements will mean that services that do not meet these requirements will not be able to provide payment cards directly to customers, but these updates should be relevant to any services that process client data (passwords, e-mails, etc.), as all these data can be taken over by these gaps.

Also, browsers that have offline support or TLS 1.1 that are not supportive will not be able to access certain services that can be read more widely here.

It is important to note that such upcoming innovations will not be worthy of support for older browser versions that do not have TLS 1.1 support, as these browsers will no longer be able to complete the order and pay for it until they are forced to upgrade to a newer version.

Original source: https://blog.pcisecuritystandards.org/are-you-ready-for-30-june-2018-sayin-goodbye-to-ssl-early-tls

Back to Blog

Interested? Let's discuss your project

Call us or write us an email and we will arrange a meeting, during which we will discuss your project and our ideas for you.