So we're running an M1 store version 220.127.116.11, patched, but am hearing conflicting information on whether we could be PCI compliant after 1st June 2020. Our card payment processing is fully outsourced to a PCI DSS compliant provider, so we never handle cardholder data, but our checkout page incorporates an IFRAME served by same provider to capture card data.
Currently we fill out an SAQ-A form each year, but not sure if this would be valid post EOL, or what measures would be required to be able to fill it out with a straight face.
Migrating to Magento 2 (or any other platform) by June is not an option given timescales and budgets. I'd like to stick with Magento 1 as long as possible.
Anyone in similar situation? What are you planning to do?