Insecurity of internet user’s data has always been one of the let-downs of using the internet. There’s no where you turn to that this subject will not pop up, it is a worldwide issue. Of recent, precisely last year, Heartbleed breach took the world of internet by surprise, and most of the top players were affected. How this happened I cannot tell, but, the little I know is that, there was a loophole that those masterminding hackers exploited into gaining access. Nothing else!
In order to prevent such a reoccurring in the closer future, the present secure socket layer (SSL) web security layer which has been in use for a very long time will be downgraded and out of use starting from this month. An upgraded version of Payment Card Industry (PCI) Security Standards Council’s latest Data Security Standard (DSS) 3.1 will block, straighten and strengthen the system against future exploits.
Upgrade to PCI DSS 3.1…you can’t afford to wait for the evil days.
One of the top consumer of PCI’s products, 2Checkout, has mandated all of their customers around the world to upgrade to DSS 3.1 in order to deliver high-quality and secure web experience. We are proud to be one of 2Co’s loyal customer though 🙂
Here’s the statement released, it read thus:
"From protecting the identity of our Merchants to securing your customers' transactions, our focus here at 2Checkout is to process your payments securely and efficiently while adhering to the latest changes and updates within the payments industry. The Payment Card Industry (PCI) Security Standards Council (SSC) has released its latest data security standard (DSS) 3.1, which mandates all businesses move away from Secure Sockets Layer (SSL) web encryption because it's no longer considered strong enough. Your customers often notice SSL when a little padlock appears online to denote that the encrypted transmission of sensitive payment data is now possible, allowing a transaction to go ahead during the checkout process. It may also appear when your customers view SSL security certificates. After a series of browser attacks took advantage of vulnerabilities in Secure Sockets Layer (SSL), the PCI Data Security Standard was updated to use the more secure, current version of Transport Layer Security (TLS). The 3.1 upgrade will dissolve the use of SSL 3.0 and TLS 1.0 as permitted security protocols, so2Checkout will no longer support SSL 3.0 and TLS 1.0 as of June 30th, 2016. This will mean that all API requests, Vendor Admin sessions and standard checkout processes will need to use TLS 1.1 or TLS 1.2. As a Merchant, you may need to make updates to your servers, programming language and even the browser you are using. The 2Checkout Sandbox environment, sandbox.2checkout.com, has already been changed to support only TLS1.1 and TLS1.2. Tests can be performed today with your shopping cart integration and API calls against that environment, so you can get ahead of the June 30th deadline. 2Checkout will be sending additional communications to you as information becomes available, along with any other updates we may have. As always, you may reach us at email@example.com with any questions. Integrations Team 2Checkout "
Payment Card Industry functionality
Still don’t understand why PCI released DSS 3.1 as an upgrade on SSL, or what it can do for your business? Then, think about this:
Do you still want more information? Download the PDF guide here, it contains all you need to know more about PCI security.
Are you curious of knowing what internet thieves really want from you?
The picture below explains more about the type of information encrypted on your payment card and what they stands for.
If you are one of 2Checkout user like we are, please adhere to this change to enjoy the latest of web security available in DSS 3.1.