Reply
Posts: 2,618
Topics: 56
Kudos: 215
Blog Posts: 67
Registered: ‎12-05-2011

Temporary Disablement of TLS 1.0/1.1 on Production February 8, 2018

[ Edited ]

As you may be aware, new PCI DSS requirements state that all payment systems must disable earlier versions of TLS protocols. These older protocols, TLS 1.0 and TLS 1.1, are highly vulnerable to security breaches and will be disabled by Authorize.Net on February 28, 2018.

 

To help merchants identify if they are using one of the older TLS protocols, Authorize.Net will temporarily disable those connections for a few hours on January 30, 2018 and then again on February 8, 2018.

 

Please refer to our TLS FAQs for important details.

 

Based on the API connection merchants are using, on either one of these two days the merchant  will not be able to process transactions for a short period of time. This disablement will occur on one of the following dates and time:

 

  • Akamai-enabled API connections will occur on January 30, 2018 between 9:00 AM and 1:00 PM Pacific time.

 

  • All other API connections will occur on February 8, 2018 between 11:00 AM and 1:00 PM Pacific time.

Merchants using TLS 1.2 by these dates will not be affected by the temporary disablement. We strongly recommend that connections still using TLS 1.0 or TLS 1.1 be updated as soon as possible to the stronger TLS 1.2 protocol.

 

Note: If you are not using a current version of a web browser, please take a few moments to upgrade it now. Browsers released prior to 2014 may not support TLS 1.2. You can check your browser's TLS support by visiting https://www.howsmyssl.com/.

 

If you have any questions about the upcoming TLS disablement, please refer to our TLS FAQs or post a question in our Integration discussion area.


Build modern websites and mobile applications without increasing PCI burden using Authorize.Net Accept


Still using SIM, DPM or AIM? Please check our upgrade guide for details on migrating to our full Authorize.Net API.