New Security Protocols, late June

By June 28, 2018, CoreCommerce will have disabled OLDER security protocols that may impact you and your customers. The PCI (Payment Card Industry) Security Standards Council who regulates credit card processing and security for service providers (like CoreCommerce and other e-commerce providers) require us to disable the OLDER SSL/TLS security protocols that were created before 2008, so we are disabling anything 10 years or older.

SSL/TLS works like a secure handshake and our servers currently communicate with browsers on both an older and newer security protocols. This may cause a small interruption when we disable the older security protocols and only use the newer security protocols.

Protocol

Published

SSL 2.0

1995

SSL 3.0

1996

TLS 1.0

1999

TLS 1.1

2006

TLS 1.2

2008

 

What does this change affect?

Short answer: Browser access to your store for both you and your customers, FTP access, payment gateways, 3rd party API’s we connect to, our API, and email access (if CoreCommerce hosts your email).

The good news if you have a computer that is less than 3 years old or newer, you should be OK, older browsers like Internet Explorer 10 have TLS 1.2 support by default. However, older versions of Internet Explorer (7, 6) don’t have support for it at all. So if one of your customers tries to check out with one of those older browsers and only TLS 1.2 is enabled, your customer simply won’t be able to access your store.

What do I need to do?

Nothing is required on your end, we are notifying you about the upcoming changes in case some customers using really old technology are NOT able to access your site after June 28, 2018.

Thanks,

CoreCommerce Support