TLS1.2 compliance by 2018

I received an email from Authorize.net stating my API will need to be TLS1.2 compliant by Feb 28, 2018, and I should check with the developer to make certain TLS1.2 is supported.

  • Mahlamusa

    Hello Matt

    I hope you are doing great today. Thank you for your question and for your patience as we were looking into this.

    TLS1.2 must be supported on the server as it is a server function to encrypt data during communication. You can test if your server supports TLS1.2 by using this online tool. Basically what you want to see is an A for the grade and under "Protocols" in the "Configuration" section on the test results you should see TLS 1.2 listed and should be green. If you see TLS 1.2 listed then you do not need to worry about anything regarding this issue except when you also see TLS1.0 and 1.1 enabled, then that will be a course for concern as some browsers may still connect to your server using those outdated protocols, if these are enabled then you should consider contacting your host and ask if they will disabled them and when.

    The benefit of TLS1.2 is the improved security it offers over the outdated versions. The issue with the older versions is that they are vulnerable and their encryption methods can be intercepted, These should not be used in any website that uses sensitive data like credit cards.

    The Membership 2 Pro plugin uses whatever technology offered by the server, so if the server is using TLS1.2 then Membership 2 Pro will use it to connect to the Payment Gateway over the SSL/TLS protocol provided by the server.

    One issue you should worry about is that there are some old browsers that do not support TLS1.2 like older version of Internet Explorer prior to v10, these browsers will display a message saying they are unable to render the page, so some of your website visitors may have issues connecting to https:// on your website.

    I hope this helps, please let us know if you need any further assistance with regards to this.

    Have a nice day.
    Mahlamusa