SSL encryption & POODLE vulnerability

 

 Considerable changes are being made to PCI requirements in order to address a vulnerability with SSL encryption called POODLE. In short, SSL encryption, which has been the standard encryption method for decades, is no longer PCI compliant due to vulnerabilities in this protocol. 

 In April 2015, the Payment Card Industry Security Standards Council (PCI SSC) released version 3.1 of the PCI Data Security Standard (PCI DSS), only four months after version 3.0 went into full effect. The most important changes are in the communications protocols SSL (all versions) and TLS (version 1.0). These protocols are now considered insecure. They are vulnerable to well-known exploits such as Heartbleed and POODLE.

 The PCI due date for security up to date, more secure conventions was initially in June 2016. This gave associations 14 months to address the update. The liberal calendar was an affirmation of true staffing and spending worries, in spite of the way that the defects in these more established conventions were by and large effectively misused every day.

In April, the industry was all over the news. “Try not to hold up! Do it now!” was the rallying call. The PCI site reported the dangers of proceeding to utilize these out of date conventions. Be that as it may, in December the due date was stretched out from June 2016 to June 2018, giving an additional two years before compliance.

 This change represents a significant opportunity for Merchants to take advantage of Harbortouch’s Point of Sale Systems. Harbortouch has gotten out ahead of this potential disruption, but most of our competitors are just starting to become aware of this issue and it is likely that many of them will be severely impacted. SSL has been the standard encryption protocol for decades, so virtually every POS system older than a few months will likely require a costly security upgrade no later than June 2018 (with some deadlines as soon as this summer) or face a complete shutdown of credit card processing capabilities. Don’t be caught in this SSL Shutdown. You can rely on Harbortouch Point of sale systems are completely PCI compliant.

 

 

Source: https://www.solutionary.com

One thought on “SSL encryption & POODLE vulnerability

  • gold bangles

    Simply wish to say your article is as amazing. The clearness in your post is simply great and i could assume you’re an expert on this subject. Fine with your permission allow me to grab your feed to keep updated with forthcoming post. Thanks a million and please continue the rewarding work.

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *