What is TLS and how does it affect my online store?
TLS is an acronym for “Transport Layer Security,” which is the protocol that allows electronic devices (such as computers and phones) to communicate securely over the internet without the transmission being vulnerable to hackers.
The latest PCI standards are mandating that any site accepting credit card payments (eCommerce) use TLS 1.2 after June 30, 2018.
If you aren't
accepting credit card payments, you still need to be compliant if you are collecting any customer information whatsoever. e.g., names, email addresses, phone numbers, etc.
What does this mean?
Many hosting providers, as well as eCommerce software providers have already moved to TLS 1.2. Authorize.Net disabled earlier versions of TLS earlier this year, on February 28, 2018.
Now, PayPal is upgrading the protocols used to secure all external connections made to their systems. Transport Layer Security version 1.2 (TLS 1.2) will become mandatory for communication with PayPal on June 30, 2018.
- PayPal Standard
- PayPal Pro
- PayPal Braintree
- PayPal Express
- and more!
What do I need to do to avoid interruption?
By not upgrading to TLS 1.2, you are putting your business data as well as your customers’ data at risk of hackers.
After the deadline, the services on your website that require the use of TLS 1.2 will stop working, which means your payment processing, shipping calculator, or other real-time data could be interrupted if TLS 1.2 is not in place.
Easy Steps You Can Take Now:
- Check with your website hosting company to ask if your website is running TLS 1.2. If not, ask for an upgrade. Pro Tip: Always ask for a full backup to be taken before any upgrades are performed.
- Contact any software providers you do business with to confirm they are TLS 1.2 compliant, and upgrade your software if necessary.
This is especially important with eCommerce software. Security Patches are released frequently and you don't want to fall behind and become vulnerable.
Don't Wait Until the Last Minute!
If you have any questions, don't hesitate to reach out. Our consultants can work with you to determine if you are up to date, no matter what platform you are using! We can do a full evaluation to determine your TLS compliance.