Bluehost Web Hosting Help

TLS 1.0 PCI Compliance

Overview

This article will discuss how you might be affected by the removal of TLS 1.0 in the updated PCI Compliance Standards.

What Is TLS 1.0?

TLS 1.0 is a standard for encrypting data that is communicated between a computer and a server on the internet. Encryption keys provided by your SSL certificate provide the means to encrypt and decrypt the information. It is often used by websites that take Credit Card payments or hand other sensitive information that you wouldn't want plainly available. When information is encrypted, it is far less likely to be stolen. This is because a hacker will have to decrypt the information being communicated.

TLS 1.0 is one method, out of many, used to facilitate encrypted communication. Encrypted communication is required by the Credit Card industry before any business can accept Credit Card transactions.

What Is PCI Compliance?

PCI stands for Payment Card Industry. To be PCI compliant is to conform to the Payment Card Industry Data Security Standard or PCI DSS. You must be PCI compliant before you can accept Credit Card payments. Unfortunately, TLS 1.0 encryption is now considered too weak and will be removed as an acceptable encryption method for PCI Compliance. This means anyone relying on TLS 1.0 may lose PCI Compliance and no longer be able to process Credit Card transactions.

What To Do

To avoid issues with TLS 1.0

  • Bluehost will remove TLS 1.0 support from our system before the cutoff date. If your Compliance Scan Vendor indicates you are not compliant you will need to contact them.
  • Keep your web browser up to date. Browsers that do not support encryption methods newer than TLS 1.0 may no longer work on encrypted pages.
Knowledgebase Article 225,996 views bookmark
share
Share or save this via:
tags: compliance pci ssl tls


Was this resource helpful?
Helpful Unhelpful


Did this resolve your issue?
Solved Unsolved


Please add any other comments or suggestions about this content:





Recommended Help Content

PCI Compliance

PCI Compliance

How To Activate Free SSL Certificate - Free Wordpress SSL Setup

Bluehost now provides free free SSL certificates for all WordPress sites. This article describes how to activate the free SSL for a WordPress site.

How to Upload an SSL Certificate to SiteLock

This article will explain the process for uploading an SSL Certificate to SiteLock's dasboard. The steps for accessing the SSL Manager may vary depending on which user interface your account uses.

Related Help Content

How to Download your SSL Certificate

This article explains how to download a copy of your SSL certificate.

Protect Specific Pages With SSL

This article will show a way to protect specific pages of your website with SSL. This may have benefits for SEO and can be used on pages that contain forms, shopping carts or any other page where users might enter sensitive information.

Manage Service SSL Certificates

How to add a new SSL certificate for your different WM services.

Purchasing or Renewing SSL certificates

How to renew an existing SSL certificate--or purchase a new one, within your cPanel

Comodo Positive SSL Certificate Seal

Where do I get a copy of the site seal for my SSL I purchased through Bluehost?

VPS Dedicated Installing SSL

To help with installing an SSL certificate for an account on a dedicated server through the WHM

Installing the WildCard SSL on a Reseller account

How to install the provided WildCard SSL on a reseller account

SSL Installation of 3rd Party Certificate

I need to have an SSL 3rd Party Certificate installed for my domain.