On June 30th, 2018, PlayVox will be disabling the TLS v1.0 encryption protocol on our web application. After this date, connections to and from the PlayVox platform will require the TLS 1.1 or the TLS 1.2 encryption protocols, attempts to establish a connection using TLS 1.0 will not work.
This change will ONLY impact PlayVox users that are using outdated web browsers such as Internet Explorer 10 or earlier, or very old versions of Firefox and Chrome.
Keep reading for more details regarding this change.
What is TLS?
TLS (Transport Layer Security) is a cryptographic protocol used to provide privacy and data integrity in communications over computer networks. TLS is heavily used on the web today to encrypt HTTPS connections.
Why is TLS 1.0 being deactivated?
PlayVox takes information security very seriously. In order to keep a high level of security and in alignment with best industry practices we are disabling TLS 1.0 as it is no longer considered a secure protocol.
TLS 1.0 was introduced in 1999 as an upgrade to SSL 3.0. In recent years, vulnerabilities in the protocol could allow an attacker to recover potentially sensitive data from the encrypted traffic. The PCI Security Standards Council, especially the PCI DSS v3.1 standard has defined June 30th, 2018 as the deadline to disable SSL and early TLS protocols and upgrade to stronger protocols such as TLS 1.2. Federal guidelines such as NIST SP.800-52r1 consider TLS 1.0 no longer secure and instruct institutions to migrate to TLS 1.2. The IETF (Internet Engineering Task Force) has made available an RFC detailing the weaknesses of the TLS 1.0 protocol (https://tools.ietf.org/html/rfc7457). TLS 1.2 support has been available in all major browsers since 2014 or earlier.
How are customers impacted by this change?
Current versions of major browsers (e.g. Firefox, Chrome, Edge, Internet Explorer 11, Safari, Opera) support TLS 1.2 since 2014 or earlier. Only customers using outdated web browsers will be impacted if those browsers do not support TLS 1.1 or 1.2. We always recommend that you use the current available version of a browser. To find out if your browser is affected go to https://www.ssllabs.com/ssltest/viewMyClient.html
If your browser is up to date you will receive the following message:
On the contrary, if you encounter the following message you need to replace or upgrade the web browser to a compatible version:
Please ensure that the users in your company are using compatible TLS 1.2 web browsers, otherwise, they will not be able to access PlayVox once security is upgraded on June 30th, 2018.
If you have any questions regarding this change, please contact us at email@example.com