PCI 3.1: What it means for developers
PCI Security Standards are technical and operational requirements set by the PCI Security Standards Council (PCI SSC) to protect cardholder data. The standards apply to all entities that store, process or transmit cardholder data – with requirements for software developers and manufacturers of applications and devices used in those transactions. The Council is responsible for managing the security standards, while compliance with the PCI set of standards is enforced by the founding members of the Council, American Express, Discover Financial Services, JCB, MasterCard and Visa Inc.
The PCI DSS applies to all entities that store, process, and/or transmit cardholder data. It covers technical and operational system components included in or connected to cardholder data. If you accept or process payment cards, PCI DSS applies to you.
Version 3.1 of the PCI Data Security Standards was released in April, 2015 and take full effect in June, 2018. The primary change in version 3.1 was to specify that older versions of SSL and TLS are no longer considered secure, and will not be supported past June 30, 2018.
In the attached presentation, Cayan addresses what PCI 3.1 is, what it means for our partners, developers, and merchants, and describes how Cayan can help our partners and merchants be prepared for these changes.