Find Answers

Find Answers

Specified Languages
British English
English

TLS v1.0/v1.1 to v1.2 Protocols


Doc ID:    C1672
Version:    1.0
Status:    Published
Published date:    09/05/2017
 

Answer


TLS – Encryption methods, protocols used in secure communications between servers/firewalls to make it hard for third-parties to decipher Internet packages.

More reading on TLS versions: https://en.wikipedia.org/wiki/Transport_Layer_Security

 

CyberSource Action

On January 12 2015, TLS 1.1 and 1.2 were enabled in the SA POST URL, at priority over TLS 1.0 (per JIRA ticket HPA-3325)

In Mid-2016, CyberSource will update server-side preference method of communication for all products & interfaces to TLS version 1.2 in the CAS environment.

On April 26-27 2016, as PCI Council is requiring CyberSource to send v1.2, CyberSource will set TLS v1.2 as the preferred method of communication for all products & interfaces. Earlier versions of TLS will remain available as fallback options. --Jim (1/12/2016)

In 2017, CyberSource will EOL DES-based ciphers, RC4-based ciphers, and TLS versions 1.0 & 1.1. The full schedule may be found in CyberSource Security Updates - Spring/Summer 2017

On June 2018, the PCI Council will decommission TLS v1.0 from its compliance standards. Servers that still use TLS v1.0 will be rendered non-compliant.

 

Merchant Action

All servers (in the payment industry) must be configured to security version 1.2 so that it can receive 1.2 Internet packages by June 2018.


Rate This Item