Thu. May 26th, 2022

As you may know SSL is the security standard upon the encrypted Internet was first built. the Secure Socket layer is no longer secure though.


If you read our POODLE (Padding Oracle On Downgraded Legacy Encryption)post:

It showed the current reality of SSLv3 (the latest version) is no longer secure.

And thus it is not compliant with PCI (Payment Card Industry DSS3.0)

So there are multiple ways an ethical Hacker can let you know if your webserver is no longer compliant (and you thus have to upgrade to TLSv1.2)


Updated  10/16/16  –  The latest version of PCI is v3.2 and it states if you use Ecommerce on the Internet then SSLv3 and TLSv1.2 must be updated to a “secure” standard. i.e beyond the older insecure standards.




Contact Us to fill out a permission document so that we can test your website. (is _your_ website compliant?)

By zafirt

2 thoughts on “SSL security is no longer PCI compliant”

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.