TLS Upgrade Instructions
TLS Upgrade Notification – What You Need to Know
On February 1, 2023, PayerMax websites will no longer support SSL, TLS 1.0 or TLS 1.1 over HTTPS which means older browsers or API clients that do not support TLS 1.2 will no longer work after this date. This includes all URL’s and domains owned and operated by PayerMax, specifically payermax.com.
This change is in recognition of website security best practices. It has also been mandated by the PCI Security Council for all merchants and service providers processing or transmitting credit card data, so you may already have implemented these changes at your company. We also wanted to give you as much notice as possible in the event your IT team needs to upgrade browsers or make changes to your applications, if required (See “How to Test” below).
Why are we making this change?
You may have heard of these vulnerabilities by some of their better-known names such as Heartbleed, Poodle, Freak and Beast. These vulnerabilities concern the weak encryption of sensitive data transmission over the internet, which may allow unauthorized parties to view the data. All versions of SSL, and versions of TLS before TLS 1.2 have been explicitly identified as no longer being a strong form of encryption because they are vulnerable to many known attacks. This is not an action that PayerMax is taking alone. For example, EVERY website that transmits or processes credit card data will be making this change. If you or your customers are using an insecure or unsupported browser or API client, you will find that all secure websites will stop working very soon.
How do I know if I’m affected?
Most browsers have supported TLS for at least the last few years, so end-users are unlikely to be affected by this change. The biggest impact is likely to be felt by API users with very old libraries. A comprehensive list of browsers and the version supported is available,please refer to[List of browsers and components].
API Library SupportIf
you have code that connects with the PayerMax API, you must ensure that it will continue to work after February 1, 2023. Each language and library is different, however we’ve identified the popular ones that may be of concern.These languages will need significant changes/upgrades in order to work: Java 6u45 / 7u45 .NET before 4.5 (does not support TLS 1.2) .NET 4.5 (must be have setting changed to explicitly enable TLS 1.2) OpenSSL 0.9.8 Most dynamic languages such as Ruby, PHP, & Python rely on the underlying operating system’s OpenSSL version. You can check it by running the command openssl version. Version 1.0.1 in the minimum required. We would be happy to help you ensure compatibility in any way we can. However, please keep in mind that we are not experts in every language or framework and so we aren’t able to test or fix your code for you.
Browser Support
Most browsers have supported TLS 1.2 for several years.The following browsers DO NOT support TLS 1.2 and will no longer work: Google Chrome 29 ,Firefox 26 ,Internet Explorer 10 ,Safari 8 ,iOS 4 ,Android 4
Further Reading & Resources
[How's My SSL][PCI 3.1: Stop Using SSL and Outdated TLS Immediately]