Worldpay Developer Community Support Team

Upcoming TLS 1.2 Express and MercuryPay Platform Changes

Blog Post created by Worldpay Developer Community Support Team on Mar 21, 2018

Summary

Per PCI 2018 requirements, processing servers are being required to remove encryption protocol ciphers no longer considered safe which include TLS v1.0 and v1.1. These two protocols must be retired by June 30, 2018. It is important for ISVs, Resellers and merchants to begin preparations for this critical security deadline.

 

If the POS system's encryption protocol is not updated to TLS v1.2 before the production dates listed below, merchants will be unable to process transactions.

 

 

Important MercuryPay TLS 1.2 Migration Dates

Please note:  To our partners and merchants on Datacap Systems' solutions, you are not impacted by this TLS upgrade! Datacap uses a proprietary encryption protocol to protect MercuryPay merchants. 

 

On Monday March 5, 2018 MercuryPay CERT environments (designated in the DNS/URL as "mercurycert.net") were updated to enable TLS v1.2 only. 

 

MercuryPay PRODUCTION environments removal of TLS 1.0 and 1.1 release dates:

Phase

Platform

Date to upgrade

1.

Virtual Terminal

 Wed, June 6

Blackline

2.

Hosted Checkout

Wed, June 13

Vital

Microsoft RMS

3.

Web Services

Wed June 20

4.

Micros

June 27

  • x1.mercurypay.com - no action necessaryFor more information about Datacap System's technology please refer to their site.

 

It is important that partner and integrators continue to test in our MercuryPay CERT environment in preparation for the TLS 1.2 mandate

 

Important Express TLS 1.2 Migration Dates

In support of the removal of TLS 1.0 and 1.1 from the Express Cert and Production environments, and depending on the triPOS version installed, triPOS Direct integrators and merchants may need to make adjustments to the PC where triPOS is installed.

 

Express CERT removal of TLS 1.0 and 1.1- April 2, 2018

Express CERT Platform URL's:

 

Express PRODUCTION removal of TLS 1.0 and 1.1 June 27, 2018

It is important that partner and integrators continue to test in our Express CERT environment in preparation for the TLS 1.2 mandate.

 

Express PRODUCTION Platform URL's:

 

After TLS 1.0 and 1.1 support is disabled in Express Production on June 27, 2018, merchants will no longer be able to process transactions on the Express platform using payment applications that continue to use the older TLS 1.0 and 1.1 protocols.

 

Important triPOS Direct TLS 1.2 Application Updates

After TLS 1.0 and 1.1 support is disabled in Express Production, merchants will no longer be able to process live transactions using triPOS implementations that don't support TLS 1.2. 

 

The following options are available to force triPOS Direct to utilize TLS 1.2 when communicating with the Express payment platform.

 

OptiontriPOS Direct VersionDescription/Instructions
#15.14.2 or higher

Install triPOS Direct 5.14.2* or higher to automatically force the use of TLS 1.2 without any additional modifications.

 

*It was previous mentioned that 5.14.1 would automatically force TLS 1.2, a bug has been corrected and all integrators should upgrade to 5.14.2 or follow steps 2 or 3.

#25.14.1 or earlierUpdate Windows Registry manually to use SchUseStrongCrypto value for TLS 1.2.  See https://github.com/ElementPS/tls-upgrade for instructions.
#35.14.1 or earlier

Update Windows Registry using .reg file to use SchUseStrongCrypto value for TLS 1.2.  See https://github.com/ElementPS/tls-upgrade for instructions.

 

Product NameVersionTLS Protocol
triPOS CloudAllTLS 1.2 - no action nessary
triPOS Mobile

iOS SDK 1.1.8+

 

 

Android SDK 1.0.17

iOS 8 or lower - TLS 1.2 not supported upgrade to iOS 9+

iOS 9+ - TLS 1.2 no action necessary

 

Android OS Nougat (7.0) or later: TLS v1.2 no action necessary

Previous Versions: Not supported. Any older OS will require update

 

Questions?

Leave a comment or ask a question.

 

Questions about product roll out dates

  • Partners should contact their Channel Manager regarding details about production server changes

Technical support questions

  • Partners requiring technical help to confirm or clarify changes that need to be made to their applications or merchant environments can contact Developer Integrations
  • To determine what ciphers and protocol you have implemented, go to https://www.ssllabs.com/and test your browser.

 

 

Outcomes