TLS 1.2 Protocol deadline

TLS 1.2 protocol Security deadline 19 June, 2018

As you may already know from our previous email communications, the PCI Security Council, an industry body responsible for setting the standards around transaction security, has mandated that as of June 30, 2018, TLS 1.0 is not to be used to process transactions as they are considered insecure protocols. In order to comply with this requirement, CX Pay will be enforcing TLS 1.2 protocol beginning on June 19, 2018.

What potential impact will this have on your merchants?
Beginning June 19, 2018, only TLS 1.2 and higher will be supported, which means merchants who are unable to support TLS 1.2 will be unable to process transactions. Failure to act on the contents of this email may result in transaction processing interruption as transactions from merchants who do not support TLS 1.2 will be rejected and not processed.

Because it is essential to verify that any systems or merchants that communicate or integrate to our gateway platform are able to support TLS 1.2 before June 19, 2018, CX Pay has created a plan and made available tools to help you with this initiative.

Over the next few months, CX Pay will send additional emails notifying merchants and developers about merchants still using the TLS 1.0 and 1.1 security protocols. It is essential that these merchants are contacted as soon as possible to assist in their transition to TLS 1.2.

As the deadline approaches, we will increase the email notifications to you about merchants who are still using TLS 1.0 or 1.1.

TLS 1.2 Transition Resources
To help ease this transition, we request you or your developer, to email us, so we can see if indeed you are still using the TLS 1.0 or 1.1 protocols to connect to our gateway, along with the most recent transaction date.
With this, you or your developer, will know if you will be impacted by this industry wide deadline.

 

Download this protocol update here