Recently there has been a lot of talk about privacy online. Its now accepted that various protocols used to secure the internet are now no longer secure and don’t give users the online privacy they would require.
SSL v3.0, TLS 1.0 and TLS 1.1 are the protocols that are open to attack, these are used to secure HTTPS traffic between a client and server. As a result PCI DSS has started to make plans to force online stores to move to TLS 1.1 but this isn’t to 2018 and TLS 1.1 is not considered secure enough.
Several payment gateways and shipping providers have already implemented their own plans to make their services secure by removing support for the insecure protocols. UPS has already disabled support for anything other than TLS 1.2. This is the current gold standard for ensuring that the traffic is secure.
Paypal have announced that in June 2016 they too will only support TLS 1.2.
So what does this mean from Cart Viper customers?
Cart Viper is built with .net Framework 4.0 which does not have support to TLS 1.2. We have had to compile Cart Viper against .net 4.5.1 which does have support for TLS 1.2.
.net Framework 4.5.1 was released in 2013 so it should be already installed on your server and you won’t need to change your application pool.
All customers that use UPS and Paypal need to upgrade to Cart Viper 3.5 or greater now to ensure they have continued service with the third parties which are only supporting TLS 1.2.
If you already have a license you can just download the free trial and once installed this will unlock to a full version.