1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Merchants need to start planning TLS migration

Discussion in 'CSO' started by RSS, Apr 2, 2015.

  1. RSS

    RSS New Member Member

    Merchants using SSL encryption to protect transactions will soon have to upgrade to TLS -- but not all payment vendors are ready.

    "From our experience, it seems to be 60-40," said Don Brooks, senior security engineer at Chicago-based Trustwave Holdings, Inc., which provides PCI compliance services. "Sixty percent have it, 40 percent don't."

    SSL, or secure sockets layer, has been ground zero for a series of recent vulnerabilities.

    As a result, the National Institute for Standards and Technology released guidance last year requiring all federal agencies to upgrade to a successor standard, TLS 1.2.

    In February, the Payment Card Industry Securities Standards Council followed up on the NIST recommendation in a bulletin.

    To read this article in full or to leave a comment, please click here

    Continue reading...

Share This Page