Powering thousands of Online Stores, Shopping Carts, around the world!

PDshop is built on Asp.Net, works with ALL Windows web hosts and Windows servers!
Download Learn More
PCI scan fails with TLS v1.0 Supported
Sample Error
This service supports the use of the TLSv1.0 protocol. The TLSv1.0 protocol has known cryptographic weaknesses that can lead to the compromise of sensitive data within an encrypted session.

Additionally,
the PCI SSC and NIST have determined that the TLSv1.0 protocol no
longer meets the definition of strong cryptography.
Solution or Workaround
A PCI scan may fail when the server has TLS 1.0 enabled because the Payment Card Industry Data Security Standard (PCI DSS) requires that all systems and applications be secure in order to protect sensitive payment card information. This includes ensuring that all communication between systems and applications is encrypted using secure protocols.

TLS 1.0 is an outdated encryption protocol that has known security vulnerabilities, such as the POODLE attack. As a result, the PCI DSS requires that all systems and applications no longer use TLS 1.0 for encrypted communication.

If a server has TLS 1.0 enabled during a PCI scan, the scan will likely fail because the use of TLS 1.0 is considered to be an insecure configuration that puts sensitive payment card information at risk. To pass the PCI scan, the server must be configured to use a more secure encryption protocol, such as TLS 1.2 or higher.

It's important to keep in mind that the PCI DSS requirements are updated regularly to reflect the latest threats and vulnerabilities, so it's important to stay up-to-date with the latest requirements and ensure that all systems and applications are configured securely.
Related Articles
Other Resources
Related Topics
Search for help...

IMPORTANT

IMPORTANT update for the new year 2024. All users should install the Latest Update. We recommend updating to 10.076 or higher as soon as possible.