Mandated SHA/TLS Updates from Elavon

Mandated SHA/TLS updates from Elavon

More than likely, your merchants have received letters from their banks/processors notifying them of Security Updates, Shut-Off Dates, and Required Action Steps. These notifications are unique and independent of EMV standards. Failure to prepare won’t result in a shift in liability; it will result in a complete disruption of service. Please read below to ensure that you and your merchants are prepared to avoid a shut-down in processing.

 

What is this all about?

The entire industry is shifting to newer security protocols. Previously used SHA-1 and TLS 1.0/SSL 3 have proven to be vulnerable to certain attacks. SHA-1 certificates are scheduled to expire and Elavon is migrating to SHA-2 and TLS 1.2. Deadlines are determined by Elavon and are subject to change at their discretion.

 

What do I need to do?

Datacap has been updating our Elavon applications since we learned of the planned changes. Only Host-Based applications are affected; terminal-based applications do not require an upgrade. See below to see if your merchants will be affected.

 

For NETePay Users:

Version 5.06.11 and above

  • No Action Required

Versions Below 5.06.11

  • Upgrade to latest version of NETePay via PSCS. Standard Upgrade Rates Apply

 

For Tran Users:

Software Version 3.83.84

  • No Action Required

Software Versions below 3.83.84

  • Upgrade to latest Application via PSCS. Standard Upgrade Rates Apply

 

Elavon Deadline (Listed Date is at Elavon’s discretion)

December 31, 2017

 

Contact Datacap Tech Support with Questions