We have some upcoming changes on our in order for us to stay PCI compliant. This is required for our security by Visa, Mastercard and other card brands.
1. As of June 30 2016 we will be converting to TLS 1.2.
– We are on now TLS 1.0 compliant and have been since first last quarter 2014.
– We will be testing TLS 1.2 starting May 1, 2016.
2. As of February 15, 2016 we will be removing the RC4 encryption ability.
In ENGLISH this means:
1. Older operating systems such as Windows XP, Vista and 2003 Server are NOT going to be able to make encrypted connection to our servers to make orders and process credit cards.
2. Older browsers which use RC4 encryption are NOT going to be able to make encrypted connections to our servers to make orders or process credit cards.
3. We will be upgrading our systems and processes at night from Midnight to 1 AM CST. This will mean reboots and slow downs of systems during those times.
As of December 2015, about 10% of our internet traffic would fall into this category.
We had been hoping Microsoft would help older users and produce a patch, but that has NOT happened.
WHAT CAN BE DONE?
You and your customers will need to:
1. Update the Windows Operating System to the latest Service Packs and Updates.
2. Download and install a newer web browser:
a. Firefox : http://www.getfirefox.com
b. Chrome : (STOPPED Supporting XP as of JAN 2016)
3. Ensure browser TLS 1.2 Compliance:
4. Upgrade the Windows Operating System to Windows 7, 8, or 10
5. Switch to a MAC newer than 10.5
IF YOU NEED MORE HELP:
1. Visit this web page on our server: http://www.cart32.com/rc4_update/
2. Contact us and we will be glad to explain the change so you can inform your customers
We are sorry for the inconveniences this will be to all. To remain PCI compliant and remain on the Approved sites Lists we are compelled to update security.
More technical Info may be gleaned here: