People. Passion. Performance.
Latest Company news
28/06/16
FCA Authorisation for Advantis

more
01/02/16
Advantis Annual Awards Masquerade Ball

more
01/12/15
Advantis retain contract with Npower

more
Advantis brings PCI DSS certification up to new 3.1 standard (26/10/2015)
press
media enquiries
latest news

Press

Advantis brings PCI DSS certification up to new 3.1 standard
Date 26/10/2015

Advantis have recently attained the new 3.1 version of the PCI DSS standard.
As part of this new standard, businesses are expected to comply with the new, more recent standard which includes :

  • Clarification on a number of requirements that were previously unclear on their intent, or who they applied to

  • 4 additional specific requirements to :

    1. Never use SMS to send unprotected PAN (Primary Account Number)

    2. Note that a vulnerability scan can include manual tools in addition to automated tools

    3. Ensure that agreements between Service Providers and their clients are evidence of their commitment to maintain proper cardholder data

    4. Modify language around how to define a compensation control

  • Evolving requirements to deprecate SSL (Secure Sockets Layer) and TLD (Transport Layer Security) encryption

  • Managerial approval for disabling anti-virus

  • Password policy recommendations

Overall, PCI DSS 3.0 and 3.1 focus on detecting, rather than reacting to, security vulnerabilities. With improved aspects like documentation and system monitoring, these changes were implemented with the aim of increasing proficiency among merchants, service providers, and PCI vendors alike.