Blog
View are my own
While on a mission to “secure the bag” by making sure that we are getting our finances together, are you also making sure you are securing the credit card transactions on you e-commerce website? June 30, 2018 is the last day to upgrade to the new encryption protocol TLS 1.1 or higher to maintain PCI DSS compliance. If you are utilizing a shopping cart or payment card system your providers should have this taken care of; if you are using payment card systems that do not support TLS 1.1 or higher you will NOT be able to process credit card transactions starting on July 1, 2018.
What does this mean? Transport Layer Security (TLS) is an encryption protocol used to establish a secure communications channel between two systems. Initially developed as Secure Sockets Layer (SSL) in the 90’s, revisions have been continuously made throughout the decades to improve securing the confidentiality and integrity of information starting with SSL 3.0, TLS 1.0, TLS 1.1, TLS 1.2 and soon TLS 1.3. Your website and/or payment systems if they have not been upgraded to utilize TLS 1.1 or higher will be susceptible to security vulnerabilities which includes POODLE and BEAST. How does this affect my website? When a customer goes to your website and makes a purchase, there needs to be a safeguard such as an encryption protocol in place for information to be transferred from one device to another without interference. In order for your website to accept secure transactions it is most likely utilizing a SSL certificate which provides your customers the peace of mind seeing the green padlock in their browser. With financial and credit card fraud being rampant in the online world, the PCI Council has made efforts to create a secure standard for data protection by making it a requirement to decommission TLS 1.0 by June 30, 2018. Are you ready? Many websites, ecommerce carts, and payment card systems have most likely taken provisions to have TLS 1.0 upgraded, be sure to reach out to the support team of your provider for more information. TLS 1.0 will also affect browsers, be sure to upgrade all browsers on all your devices. If you have customers using extremely old IOS software, android software, out of date browsers, out of date computers, ipads, tablets that are not compatible with TLS 1.0 they will not be able to make purchases from your website. Here is a tool provided by Qualys to check your systems compatibility here. Additional Resources:
3 Comments
|
Archives
August 2018
Categories |