Urgent VeriCheck TLS Security Upgrade
Updated: Sep 11, 2019
VeriCheck websites will no longer support SSL, TLS 1.1 or TLS 1.1 over HTTPS starting on March 14, 2019.
VeriCheck websites will no longer support SSL, TLS 1.1 or TLS 1.1 over HTTPS starting on March 14, 2019. At this date, older browsers or API clients that do not support TLS 1.2 will no longer work. This extends to all URLs and domains owned and operated by VeriCheck Inc.
This upgrade is in compliance with website security best practices and has been mandated by the PCI Security Council for all merchant and service providers processing or transmitting credit card data. Security vulnerabilities due to weak encryption of sensitive data transmitted over the internet have been verified. Attacks of this nature that may be more commonly known as Heartbleed, Poodle and Freak & Beast allow unauthorized parties to view data. VeriCheck as well as every website that transmits or processes credit cards will be making this upgrade. Websites that upgrade their security systems will no longer work with clients or customers of clients using an unsupported browser or API client.
All versions of SSL and versions of TLS before TLS 1.2 have been explicitly identified as vulnerable to these issues and no longer secure. API users with very old libraries are the most likely to be affected by these changes. Below is a list of user agents that identifies whether or not specific browsers have the TLS 1.2 upgrade and will continue to be supported https://www.ssllabs.com/ssltest/clients.html.
To test if a browser, API client or code is compliant with the new upgrade visit https://tlscheck.vericheck.com. Browsers that are known to not support TLS 1.2 and need upgrading to continue working are Google Chrome 29, Firefox 26, Internet Explorer 10, Safari 8, IOS 4 and Android 4. In regards to API Libraries the following popular languages need to make upgrades in order to continue to work: Java 6u45/ 7u45, .NET before 4.5, .NET 4.5 (fixable by a setting change), and OpenSSL 0.9.8. Also dynamic languages including Ruby, PHP and Python need to at minimum have OpenSSL Version 1.0.1.
There are thousands of system users who also utilize VeriCheck services such as Banquest, Versapay, Continue To Give, Settlement App, HealPay, Rent Roll App, Payment Portal, MuniRevs, USAePay, Pay Simple, Probill, Fi-Soft, Euvoc and so on. Users of these systems should upgrade to the new TLS 1.2 protocol if not completed already. It is recommended to review the TLS 1.2 upgrade as soon as possible so that all changes can be made before the March 14, 2019 date.
VyaPay can assist you if you experience connectivity issues with your VeriCheck processing or credit card processing systems. VyaPay is a secure PCI Level 1 payment facilitator gateway that businesses use to process a variety of electronic payments (e.g. VISA, MasterCard, American Express, Discover, ACH, eChecks, international payments, 3DS Secure, 3DSv2) online and in-person.
To learn more, contact VyaPay at www.vyapay.com or call 1-833-4-VYAPAY.
VyaPay is committed to bringing the power of payment technology to merchants with innovative and easy-to-use products that are supported by unmatched customer service.