As we have already analysed in our previous blogs about the new PCI DSS requirements, it is to your knowledge that both SSL and early TLS protocol must be disabled since June 30th, 2018. Therefore, PCI DSS is allowing only the use of the most recent and secure version of the TLS protocol.

Recently it has been announced that the most popular browsers, such as Safari, Chrome, Mozilla and Microsoft Edge, will not allow unsafe connections through the use of both SSL and TLS insecure versions protocols after 2020. This action will result that services that have implemented with these old protocol versions will stop working.

Microsoft recently posted their statistics on the current situation of most sites. As you can see in the following image, 94% of the sites are already compatible with TLS version 1.2 and less than 1% still are using TLS version 1.0 or 1.1.

tls ssl

[source: Microsoft]

The organisations that have not yet completed the protocol migration will experience a negative impact on their business if they do not take the appropriate measures on time, especially if the business must comply with PCI DSS.

Read more about PCI requirements on SSL/TLS protocols.

Reference links:
Microsoft
Google
Safari
Mozilla