Overview

Data security is the foundation of every transaction that touches CardConnect. In an effort to continue to offer a secure means of communication to our systems, CardConnect is upgrading its systems and applications to accept Transport Layer Security (TLS) 1.2. This means that we will no longer support communications made with the TLS 1.0 protocol beginning March 31st, 2018.

What is TLS?

The Transport Layer Security (TLS) protocol encrypts and authenticates the data that is passed between communicating applications and their end users. For example, when you enter your login credentials on a website, TLS prevents a third-party from stealing the information that is exchanged during the login process. 

Why Upgrade?

The PCI (Payment Card Industry) Security Standards Council, which defines security and safety rules for the payments industry, no longer considers TLS 1.0 to be a secure form of encryption because it is vulnerable to various types of attacks. As a result, all service providers and merchants who process or transmit credit card data must take the necessary measures to ensure that their systems and applications are upgraded to accept the TLS 1.2 protocol.

For additional information on TLS and and the risks that are present when using TLS version 1.0, please refer to the PCI Security Standards Council’s Information Supplement on Migrating from SSL and Early TLS.

How is TLS Used at CardConnect?

When communications take place with CardConnect's systems and applications, the TLS protocol works to encrypt and/or authenticate the following types of information:

  • Cardholder Data
  • Communications from a merchant's server to CardConnect's APIs
  • Personally Identifiable Information (PII) of buyers
  • Application Login Data

How the Upgrade Impacts You

The upgrade to TLS 1.2 could impact you in various ways depending on the manner in which you interact and communicate with CardConnect's applications and systems. Select from the list below to determine if you are impacted by the TLS 1.2 upgrade:

Confirming TLS Readiness

We will be deactivating TLS 1.0 traffic in our UAT environments on the following dates:

  • October 16th (9am-5pm EST)
  • November 13th (9am EST) through November 15th (5pm EST)
  • December 4th (9am EST) through December 6th (5pm EST)
  • January 22nd (9am EST) through January 24th (5pm EST)
  • February 19th (9am EST) through February 21nd (5pm EST)

CardPointe and CoPilot Users

If you are a CardPointe and/or CoPilot user, it is important to ensure that your web browsers are up-to-date. Most browsers have supported TLS 1.2 for some time, but if you haven't updated your browser to the latest version, then you may be impacted by this upgrade.

Please refer to the Web Browser Support section of this page to verify whether your browser(s) is supported by TLS 1.2.

API/Gateway Users

Java Support

If you run one of the following versions of Java, it is important that you take action before March 31st, 2018 to continue to communicate with CardConnect's services. 

Java Version

Details

JDK/JRE 7 Client

Yes, but support for TLS 1.2 must be enabled.

JDK/JRE 7 Server and aboveTLS 1.2 enabled by default.

JDK/JRE 6 and below

No TLS 1.2 support.

OpenSSL Support

Your OpenSSL version must be 1.0.1 or higher.

Common Server Platforms that Depend on OpenSSL

  • Linux
  • Mac OS X
  • Node.js
  • Ruby

ASP/.NET Support

TLS Support varies based on your Windows Kernel

  • Uses a crypto library called Microsoft Secure Channel (Schannel)

Oracle E-Business Suite Users

These security enhancements will require the deployment of a new CardConnect codebase in your Oracle EBS environment. CardConnect will contact you regarding the deployment of the new code as well as the added functionality included in this release.

Additionally, it is important that you apply the appropriate Oracle patch depending on the version of Oracle EBS that you are using, as indicated below:

VersionDetails
Oracle E-Business Suite 12.1Oracle EBS Suite 12.1 users must install the following Oracle patch to ensure TLS 1.2 support. (Doc ID 376700.1)
Oracle E-Business Suite 12.2Oracle EBS Suite 12.2 users must install the following Oracle patch to ensure TLS 1.2 support. (Doc ID 1367293.1)

SAP Users

If you are an SAP user, you must update your TLS layer to TLS 1.2 and provide CardConnect with the new SAP certificate. 

Supporting Content has additional information for SAP users. 

Web Browser Support

Refer to the information below to determine if your web browser is supported by TLS 1.2.

Google Chrome

If Your Chrome Version is..And You Are Running on one of these Operating Systems..Then...
v1 through 29- Windows 7 and up
- Mac OS X 10.9 and up
- Linux
- Android
- iOS 9 and up
- Chrome OS
Your web browser is not supported by TLS 1.2 and must be updated.
v30 through 58- Windows 7 and up
- Mac OS X 10.9 and up
- Linux
- Android
- iOS 9 and up
- Chrome OS
Your web browser is supported.

Google Android OS Browser

If Your Google Android OS Version is..And You Are Running on this Operating System..Then...
v1 through v4.0.4AndroidYour web browser is not supported by TLS 1.2 and must be updated.
v4.1 through v4.4.4AndroidYou must enable support for TLS 1.2 in your browser.
v5 through v8Android Your browser supports TLS 1.2.

Mozilla Firefox

If Your Mozilla Firefox Version is..And You Are Running on one of these Operating Systems..Then...
v1 through v23- Windows 7 and up
- Mac OS X 10.9 and up - Linux
- Android 4.0.3 and up
- iOS 9.0 and up
Your web browser is not supported by TLS 1.2 and must be updated.
v24 through v26- Windows 7 and up
- Mac OS X 10.9 and up - Linux
- Android 4.0.3 and up
- iOS 9.0 and up
You must enable support for TLS 1.2 in your browser.
v27 through v54- Windows 7 and up
- Mac OS X 10.9 and up - Linux
- Android 4.0.3 and up
- iOS 9.0 and up
Your browser supports TLS 1.2.

Mozilla Firefox ESR

If Your Mozilla Firefox ESR Version is..And You Are Running on one of these Operating Systems..Then...
v10 through v17.0.10- Windows XP SP2 and up
- Mac OS X 10.9 and up
- Linux
Your web browser is not supported by TLS 1.2 and must be updated.
v24 through v24.1.1- Windows XP SP2 and up
- Mac OS X 10.9 and up
- Linux
You must enable support for TLS 1.2 in your browser.
v31 through v52.1- Windows XP SP2 and up
- Mac OS X 10.9 and up
- Linux
Your browser supports TLS 1.2.

Enabling TLS 1.2 Support in Mozilla Firefox Browsers

If you are using Mozilla Firefox versions 24 through 26, follow the steps below to enable support for TLS 1.2:

  1. Open Firefox.
  2. In the URL/address bar, type about:config and press Enter.
  3. In the Search field, enter tls. Locate and double-click the entry for security.tls.version.min
  4. Set the Integer Value to 3 to enable support for TLS 1.2.
  5. Click OK
  6. Close your browser and restart Mozilla Firefox.

Your browser is now ready to support the TLS 1.2 protocol.

Microsoft Internet Explorer

If Your Internet Explorer Version is..And You Are Running on this Operating System..Then...
IE8Windows XPYour web browser is not supported by TLS 1.2 and must be updated.
IE8Windows Server 2003Your web browser is not supported by TLS 1.2 and must be updated.
IE8Windows VistaYour web browser is not supported by TLS 1.2 and must be updated.
IE8Windows 7You must enable support for TLS 1.2 in your browser.
IE8Windows Server 2008Your web browser is not supported by TLS 1.2 and must be updated.
IE8Windows Server 2008 R2You must enable support for TLS 1.2 in your browser.
IE9Windows VistaYour web browser is not supported by TLS 1.2 and must be updated.
IE9Windows 7You must enable support for TLS 1.2 in your browser.
IE9Windows Server 2008Your web browser is not supported by TLS 1.2 and must be updated.
IE9Windows Server 2008 R2You must enable support for TLS 1.2 in your browser.
IE10Windows 7You must enable support for TLS 1.2 in your browser.
IE10Windows 8You must enable support for TLS 1.2 in your browser.
IE10Windows Server 2008 R2You must enable support for TLS 1.2 in your browser.
IE10 Windows Server 2012 You must enable support for TLS 1.2 in your browser.
IE11Windows 7Your browser supports TLS 1.2.
IE11Windows Server 2008 R2Your browser supports TLS 1.2.
IE11Windows 8.1Your browser supports TLS 1.2.
IE11Windows Server 2012 R2Your browser supports TLS 1.2.

Enabling TLS 1.2 Support in Internet Explorer Browsers

If you are using Internet Explorer 8, 9, or 10, follow the steps below to enable support for TLS 1.2:

  1. Open Internet Explorer and click Tools > Internet Options.
  2. Select the Advanced tab.
  3. Check the boxes next to TLS 1.1 and TLS 1.2 to enable support for these protocols. 
  4.  Uncheck the box next to SSL 3.0 to disable this setting. 
  5. Click Apply and OK.
  6. Close your browser and restart Internet Explorer.

Your browser is now ready to support the TLS 1.2 protocol.

Microsoft Internet Explorer Mobile

If Your Internet Explorer Mobile Version is..And You Are Running on this Operating System..Then...
v7- Windows Phone 7
- Window Phone 7.5
- Window Phone 7.8
Your web browser is not supported by TLS 1.2 and must be updated.
v9- Windows Phone 7
- Window Phone 7.5
- Window Phone 7.8
Your web browser is not supported by TLS 1.2 and must be updated.
v10Windows Phone 8You must enable support for TLS 1.2 in your browser.
v11Windows Phone 8.1Your browser supports TLS 1.2.

Microsoft Edge

If Your Microsoft Edge Version is..And You Are Running on this Operating System..Then...
v12Windows 10 v1507Your browser supports TLS 1.2.
v13Windows 10 v1511Your browser supports TLS 1.2.
v14Windows 10 v1607Your browser supports TLS 1.2.
v15Windows 10 v1703Your browser supports TLS 1.2.
v16Windows 10 v1709Your browser supports TLS 1.2.

Opera

If Your Opera Version is..And You Are Running on one of these Operating Systems..Then...
v1 through v9- Windows 7 and up
- Mac OS X 10.9 and up
- Linux
- Android 4.0 and up
Your web browser is not supported by TLS 1.2 and must be updated.
v10 through v12.17- Windows 7 and up
- Mac OS X 10.9 and up
- Linux
- Android 4.0 and up
You must enable support for TLS 1.2 in your browser.
v12.18- Windows 7 and up
- Mac OS X 10.9 and up
- Linux
- Android 4.0 and up
Your browser supports TLS 1.2.
v14 through v16- Windows 7 and up
- Mac OS X 10.9 and up
- Linux
- Android 4.0 and up
Your web browser is not supported by TLS 1.2 and must be updated.
v17 through v45- Windows 7 and up
- Mac OS X 10.9 and up
- Linux
- Android 4.0 and up
Your browser supports TLS 1.2.

Enabling TLS 1.2 Support in Opera Browsers

If you are using Opera versions 10 through 12.17, follow the steps below to enable support for TLS 1.2:

  1. Open Opera.
  2. Click Ctrl plus F12.
  3. Scroll down to the Network section and click Change proxy settings...
  4. Select the Advanced tab.
  5. Scroll down to the Security section and check check the boxes next to Use TLS 1.1 and Use TLS 1.2.
  6. Click Ok.
  7. Close your browser and restart Opera.

Your browser is now ready to support the TLS 1.2 protocol.

Apple Safari

If Your Safari Version is..And You Are Running on one of these Operating Systems..Then...
v1- Mac OS X 10.2 and up
Your web browser is not supported by TLS 1.2 and must be updated.
v2 through v5- Mac OS X 10.4, 10.5, 10.6, 10.7
- Windows XP
Your web browser is not supported by TLS 1.2 and must be updated.
v6- MAC OS X 10.8Your web browser is not supported by TLS 1.2 and must be updated.
v7 through v10- Mac OS X 10.9, 10.10, 10.11, 10.12, 10.13
- iOS 1.0 and up
Your browser supports TLS 1.2.
v3 through v5 (iOS 3 and 4)- Mac OS X 10.2 and up
- iOS 1.0 and up
Your web browser is not supported by TLS 1.2 and must be updated.
v5 (iOS 5 and 6) through v10- Mac OS X 10.2 and up
- iOS 1.0 and up
Your browser supports TLS 1.2.

Apple Safari Mobile

If Your Safari Mobile Version is..And You Are Running on one of these Operating Systems..Then...
v3iOS 1
iOS 2
Your web browser is not supported by TLS 1.2 and must be updated.
v4 through v5iOS
iOS 4
Your web browser is not supported by TLS 1.2 and must be updated.
v5 through v6iOS 5
iOS 6
Your browser supports TLS 1.2.
v7iOS 7Your browser supports TLS 1.2.
v8iOS 8Your browser supports TLS 1.2.
v9iOS 9Your browser supports TLS 1.2.
v10iOS 10Your browser supports TLS 1.2.
v11iOS 11Your browser supports TLS 1.2.

Cryptographic Library Support

The following libraries do not support TLS 1.2:

  • SChannel XP / 2003
  • SChannel Vista / 2008
  • SChannel 8 / 2012
  • Secure Transport OS X 10.2-10.8 / iOS 1-4

Supporting Content

Click a link below to view and/or download the corresponding file: