A July 1 PCI Security Standards Council deadline is prompting payments providers to act well before then, with many establishing their own compliance deadlines in February. What has provoked this eagerness? It could be that noncompliance with the PCI mandate could halt merchant transactions that rely on the Internet.
The PCI Council in 2015 issued a deadline to migrate from earlier forms of Internet security standards. These measures govern the cryptographic protocol when devices connect using the public Internet. Specifically, the PCI Council, which originally set a June 2016 deadline that was later moved to July 1, 2018, says Transport Layer Security 1.1 or higher is necessary for transactions to be compliant. Transactions made with Web browsers and many point-of-sale terminals using older versions of TLS or Secure Socket Layer technology will be out of compliance after that date.