The Mystery of TLS

TLS 1.2 Secured

Written by Cheryl Blasnek , One Step’s Implementation Service Director | May 1, 2018


 

You have probably been bombarded with information about TLS 1.2. It all sounds very scary, especially when notices threaten your system to stop processing credit cards July 1, 2018 if you have not made the necessary changes. One Step included TLS information in our March newsletter and we recently sent out news briefs on this topic.

However, because there continues to be some confusion on the subject, we thought we would devote another article to try to demystify TLS. At the end of the day, what retailers request is: just tell us what we are supposed to do. So, let us offer a quick summary of TLS and then be as specific as we can as to what is required of you.

The PCI Software Security Council has played a significant part in keeping payments safe for a long time, and now it is taking the steps to retire older encryption protocols. Transport Layer Security (TLS) 1.0 and Secure Sockets Layer (SSL), are no longer considered to be strong cryptographic protocols. The PCI SSC has mandated that by June 2018, retailers and service providers must adopt newer versions of the TLS cryptographic standard. This is a mandated industry change in order for credit card processing to continue functioning.

YOUR NEXT STEPS

Find your OPERATING SYSTEM, POS PRODUCTS, and PROCESSOR information below for specific instructions. If you need to update or need assistance, contact your One Step Account Manager.

OPERATING SYSTEM

Important Notes:

  • Be sure that all current Windows updates have been applied and TLS1.1 and 1.2 are enabled.
  • DO NOT disable TLS 1.0 in Windows as some POS products use it elsewhere.

Windows XP and Windows Server 2003 do not support TLS 1.2. You MUST upgrade.

Windows Vista, 7, 8, 8.1 and Server 2008, 2008 R2, 2012, 2012 R2 support TLS 1.1 and TLS 1.2 but are disabled by default. If you did not receive enabling instructions from One Step, contact your Account Manager.

Windows 10 support TLS 1.1 and 1.2 and are enabled by default. No action needed.

POS PRODUCTS

Retail Pro 9

Versions 9.30.5.395 and 9.4 or higher are already using TLS 1.2. No action needed.

Any version under 9.30.5.395 will need to be upgraded.

 

Retail Pro 8

Version 8.7 has a patch (8.7.400.44) that must be applied.

Version 8.6 or lower must be upgraded.

 

Retail Pro Prism

Version 1.11 or higher are TLS 1.2 compliant. Anything less than this build needs to be upgraded.

 

Counterpoint SQL 8.4

Version 8.4.6.19 supports TLS 1.2. Anything below this build must be updated.

 

Counterpoint SQL 8.5

Version 8.5.4 has a patch that must be applied.

Version 8.5.3 must be updated to 8.5.4.

Version 8.5.2 or below must be updated to 8.5.2.1.

PROCESSORS

Cayan

Cayan is scheduling brownouts to test TLS 1.2 compliance. If your systems are not compliant, you will not be able to process cards during this time. For the current scheduled brownout periods, see https://cayan.com/tls.

 

CP Gateway

CP Gateway with TSYS or Worldpay will stop working on April 30, 2018. You MUST switch to NCR Secure Pay and be on at least Counterpoint 8.4.6.12.

 

NCR Secure Pay

Secure Pay supports TLS 1.2.

 

Foundry Logic Mobile POS

Retail Mobile Suite must be updated to version 4.1.67

Retail Mobile POS app, starting with version 4.1.129, will display a warning message if TLS 1.2 support is not available. Make sure your apps are updated.

 

Still not sure about what steps to take?

Your One Step Retail Account Manager is ready to answer any of your questions. Just give them a call!