TLS 1.2 updation
Transport Layer Security (TLS) is a protocol that ensures privacy between communicating applications and their users on the Internet. When a server and client communicate, TLS ensures that no third-party may eavesdrop or tamper with any message. TLS is the successor to the Secure Sockets Layer (SSL).
BillDesk will disable support for TLS 1.0. After this change, any application/ browser than uses TLS 1.0 WILL NOT be able to establish a successful connection to the BillDesk platform. For the best security, BillDesk recommends upgrading to TLS 1.2 as soon as possible for your organization.
Why this change?
This change is mandated by the PCI Security Council and affects all merchants and service providers processing or transmitting card data. This is not an action BillDesk is taking alone. EVERY website that transmits or processes card data has to make this change. This change has to be done by June 30, 2018.
When is this planned?
From June 22, 2018 05:00 AM IST onwards BillDesk will no longer accept TLS 1.0 connections.
What all could be impacted?
Basically, there are two methods by which connections are established with the BillDesk platform:
- 1.Browser redirection to a BillDesk URL– this is handled by the end consumer’s browser and to the extent if the browser version is the latest one, there is no reason to worry since latest browser versions support TLS 1.1 / TLS 1.2. However, if the end consumer is using an old browser version that does not support the latest TLS version then such customers WILL not be able to access the BillDesk URL. The only solution for the customer would be to upgrade to the latest browser version. You may want to let your customer support team know about this so that they can guide customers who either call/ email your help desk.
- 2.You’re connecting to a BillDesk URL on a direct server to server basis through API calls– here you need to make sure your applications are able to establish connections with the BillDesk URLs using TLS 1.1 / TLS 1.2.
What’s the action item?
Depending on your tech stack you should check the version that you’re using and the relevant support for the latest TLS version is already available or not – in the event you need to perform certain upgrades to ensure that your application can support the relevant TLS version you need to act immediately so that you’re ready.
BillDesk production end point URLs ALREADY support TLS 1.1 and TLS 1.2 which means you can immediately request your application/ technology teams to check and ensure that your applications are connecting to BillDesk using either TLS 1.1 or TLS 1.2. You need NOT wait until BillDesk completes the activity as per the planned date. You should be ready much BEFORE that to ensure no impact to your integrations.