Skip Ribbon Commands
Skip to main content
Computer Emergency Response Team of Mauritius (CERT-MU)
Computer Emergency Response Team of Mauritius>PCI DSS 3.0 Officially Retires

PCI DSS 3.0 Officially Retires


Payment Card Industry Data Security Standard (PCI DSS) 3.0 was officially retired 30th June 2015, and firms are warned not to use SSL or early TLS for any new projects to secure payment data.  PCI DSS 3.1 was introduced back in April as a response to major security flaws discovered in the open source SSL, including Heartbleed, Shellshock and POODLE.  Firms have a grace period of until 30 June 2016 in which to implement v3.1 compliance, but they will not be able to roll out any new systems with SSL or early versions of TLS from today.  The update means online merchants will have to switch off SSL in web servers and support the latest version of the Transport Layer Security protocol.  The US National Institute for Standards and Technology last year told all government agencies to upgrade to TLS 1.2 as standard.
 
Read More:
 
Source:
 
InfoSecurity Magazine
 
Help Net Security
 
Contact Information
Postal address
Mauritian Computer Emergency Response Team (CERT-MU)
National Computer Board
7th Floor, Stratton Court
La Poudriere Street
Port Louis