This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Is Firefox Quantum for Enterprise PCI compliant?

more options

Trying to convince my company to move away from IE 11 and adopt Firefox Quantum for Enterprise, but I'm getting hung up on finding information related to whether Firefox Quantum for Enterprise is actually PCI compliant. Any info, especially documents, related to this would be greatly appreciated.

Trying to convince my company to move away from IE 11 and adopt Firefox Quantum for Enterprise, but I'm getting hung up on finding information related to whether Firefox Quantum for Enterprise is actually PCI compliant. Any info, especially documents, related to this would be greatly appreciated.

All Replies (2)

more options

Based on a few minutes of web searching...

PCI-compliance now requires web servers to use at least TLS 1.1, preferably TLS 1.2, and not fall back to TLS 1.0. In other words, not to connect with browsers that cannot support higher TLS protocol levels.

E.g., https://www.pcisecuritystandards.org/pdfs/PCI_SSC_Migrating_from_SSL_and_Early_TLS_Resource_Guide.pdf

Firefox has long supported TLS 1.1 and TLS 1.2, and now can support TLS 1.3. Therefore, Firefox is compatible with PCI-compliant servers. You can check your browser protocol support here:

https://www.ssllabs.com/ssltest/viewMyClient.html

Firefox also allows you to completely disable TLS 1.0 connections. However, some sites may not work in that configuration, most likely sites where you would not be doing any payment transactions, so I don't know whether that makes sense if you want to promote adoption of Firefox.

more options

Thank you very much for your response and the information you provided. I am working to put together a presentation to submit to my management team. We use a platform called Chromatix Business Solutions (CBS) where we process CC payments and retain encrypted billing related info. CBS works through the web browser on our servers. I'm hoping the new Firefox Quantum for Enterprise Extended Support Release version will be an acceptable replacement for the old IE 11 we currently use. Apparently, everything hinges on PCI compliance compatibility and Windows Group Policy control. Again, I greatly appreciate the information. Thank you.