Thursday, January 7, 2016

Did you know that PCI DSS 3.1 implementation date has been delayed?

If you work for a company that allows customers to pay directly using either a debit or credit card, you are likely required to follow Payment Card Industry (PCI) Data Security Standards (DSS).

The latest version of these standards, PCI-DSS 3.1, were released back in April 2015 and had two specific requirements for changes to communication protocols, SSL v3 and TLS 1.0, which were to be removed by June 30, 2016.

Back on December 18th, the PCI Security Standards Counsil announced it was delaying the requirement to meet the new standards by two (2) years to June 30, 2018. The announcement information can be found here and here.

If you're interested in learning more about PCI-DSS 3.1, you can review this document or research additional information on the PCI Security Standards Council site.