PCI DSS version 3.2.1 replaces version 3.2 to account for effective dates and SSL/early TLS migration deadlines that have passed. No new requirements are added in PCI DSS 3.2.1. PCI DSS 3.2 remains valid through 31 December 2018 and will be retired as of 1 January 2019.
“This update is designed to eliminate any confusion around effective dates for PCI DSS requirements introduced in 3.2, as well as the migration dates for SSL/early TLS,” said PCI SSC Chief Technology Officer Troy Leach. “It is critically important that organizations disable SSL/early TLS and upgrade to a secure alternative to safeguard their payment data.”
Learn more about PCI DSS version 3.2.1 and how it is different from version 3.2 on Help Net Security.