Update to TLS 1.2 - Authorize.net PCI Compliance

Question: Will our credit card processing on our WebLink website/join application via Authorize.net meet compliance of Authorize.net's latest communication below?:

Dear Authorize.Net Merchant:

After discussions with many of you regarding the effort and timelines required for updating your payment systems to disable TLS 1.0 and 1.1, Authorize.Net has decided to extend our deadline from September 18, 2017. The new date for when we will no longer allow TLS 1.0 and 1.1 is February 28, 2018. This extension will provide you with additional time and allow you to continue processing through the upcoming holiday season before any changes are required. It also still allows Authorize.Net to meet the PCI DSS requirements to disable early TLS by 2018. However, we still strongly encourage you to update your systems as soon as possible. Please refer to our TLS FAQs for additional information regarding TLS disablement. 3DES Cipher Retirement As previously communicated, we are still planning to retire the 3DES cipher (a data encryption standard) in production on September 18th. Please contact your web developer or payment solution provider to confirm that they can support this change. We have already disabled 3DES in the sandbox to allow you and your developer to test your website or payment solution prior to September 18th. You and your developer can refer to our API Best Practices for cipher recommendations and other integration suggestions. If you have any questions regarding this email, please contact Customer Support. Thank you for your attention to this matter and for being an Authorize.Net merchant.



Answer: Yes. You will be in compliance. WebLink upgraded to TLS 1.2 in the early Spring of 2017.

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request



Please sign in to leave a comment.

Want some training on WebLink Connect? Sign up today for one of our upcoming online training classes.