Update, 4-19-2016; please refer to this blog post for latest details.
Update, 4-26-2016: We have an update to our TLS plans. Please read this announcement for details.
U...
After discussions with many of you regarding the effort and timelines required for updating your payment systems to disable TLS 1.0 and 1.1, Authorize.Net has decided to extend our deadline from S...
...equirements state that all payment systems must disable early TLS by 2018.
In preparation for this requirement, Authorize.Net plans to disable TLS 1.0 and TLS 1.1 on the following dates:
&n...
...SL version 3, and to help you disable it.
BEST PRACTICES
To encourage security best practices, Authorize.Net strongly recommends using the highest version of TLS your c...
...ES cipher suites in the sandbox on July 30, 2016.
Specifically, we will be ending support for the cipher, TLS_RSA_WITH_3DES_EDE_CBC_SHA, also known as DES-CBC3-SHA or Cipher 0x0a.
&n...
...equired to define a character limit when storing any of our IDs, the limit should be an unsigned integer (up to 20 digits).
TLS Remediation for PCI DSS Compliance
As you may a...
...ecurity transport—the part that negotiates TLS—supports SHA-256
Your solution does not connect directly to Authorize.Net using an IP address
Your solution’s firewall is not set to whitelist A...
