Posted by Noah on August 23, 2016

TLS 1.0 Support Causing PCI Compliance Failure?

Comments (0)

Supporting TLS 1.0 today is an automatic PCI Compliance fail. Unfortunately, you still need it. Too many of your customers require it to make a secure (https) connection to your store. This isn’t a BV Commerce issue; this is an end-user operating system and browser issue.

What Is TLS 1.0?

Transport Layer Security (TLS) is the protocol that replaced SSL for secure communications (https) between the server (your website) and the browser (the customer). TLS 1.0 is an older implementation of the TLS protocol.

Who Uses It?

Older browsers and devices. For example, Windows XP requires it. So if you have any customers using XP, they would no longer be able to order from your store. How many users are effected is the unknown. Currently it is estimated that between 10 and 20 percent of browsers/devices still use it. If you sell mostly to younger, hi-tech users the effect will be less than if you sell to older users and corporations. Below is a link to a detailed browser/protocol compatibility chart in case you need some help falling asleep tonight:

What Should I Do?

If you don’t mind losing customers, tell your host you want to be on a server that does not support TLS 1.0. They should have some options available to you.

If you can’t afford to lose customers, you will need to do the following:

  1. Dispute the finding
  2. File a PCI/SSL/TLS Risk Mitigation Form (download form below)

PCI/TLS Risk Mitigation Form

Following this procedure should earn you an exemption until June 2018. Note that you may need to redo this process periodically depending on your provider and the frequency of their PCI scans, so keep this form handy.

If you choose to do nothing there will be a penalty. What that penalty is varies by provider. Why not take the time to perform the process outlined above to ensure maximum customers and compliance?


Add comment

  • Comment
  • Preview

©2024 Develisys. All rights reserved.
  • Toll-free  888-665-8637
  • International  +1 717-220-0012