By June 30, 2018, retailers accepting digital (online) credit card transactions must cease using encryption protocols known as SSL or TLS 1.0. Retailers must transition to TLS 1.1 or higher (such as the popular TLS 1.2) or else lose the ability to accept credit card payments. Note also that Nevada law requires compliance with the Payment Card Industry Data Security Standards (PCI DSS) with respect to Nevada cardholders.
The reason for the change is the PCI DSS, when version 3.1 was issued in April of 2015. Encryption protocol TLS 1.0 dates back to 1999, and was vulnerable to a variety … Continue Reading