In a Nutshell
Merchants and partners use HTTPS to securely connect with mPAY24 servers. We use the Transport Layer Security (TLS) protocol to encrypt these communications. To increase the security of our systems and adhere to industry best practices, mPAY24 is updating its services to require TLS 1.1 or TLS 1.2 for all HTTPS connections. To avoid any disruption of service you must verify that your systems are ready for this change by February 20th, 2017.
What do you need to do?
Do you have a hosting provider?
=> Yes: Please contact your hosting provider to ensure they support TLS 1.1 or TLS 1.2.
=> No: Does your system already support TLS 1.1 or TLS 1.2? (Please see technical details below for how to verify this).
Does your system support TLS 1.1 or TLS 1.2?
=> Yes: Great! No action is required.
=> No: Please upgrade your system for TLS 1.1 or TLS 1.2 support.
Have you hard-coded an earlier version of TLS?
=> Yes: Please update your code to always use the latest version of TLS.
=> No: Great! No action is required.
Our test systems are already configured!
The mPAY24 test endpoints have been configured with the latest security standards to which the production endpoints will be moving. You can use these endpoints to verify that your code supports the required standards prior to the production endpoints getting updated. These endpoints only allow TLS 1.1 or TLS 1.2 connections: test.mpay24.com
Verify your systems:
mPAY24 recommends to verify if your system supports TLS 1.1 or TLS 1.2 at https://www.ssllabs.com/ssltest/analyze.html. You have to enter your hostname in the form input field that is connecting to mPAY24. (Attention! Please make sure to activate the "Do not show the results on the boards" box!). After some time you will get an overview of your server security level. If you have a rating of A you are fine. No further action is required. If you get a rating different than A you need to find out if it has to do with protocol usage. If you get the information that your server supports only older protocols, but not the current best TLS 1.2 then you need to update your system:
You can also look into the protocol section and check if TLS 1.1 and TLS 1.2 is enabled. If it is in the list and listed as ‚YES’ you are done. If not please update your system to support the latest TLS versions:
Second thing to look out is RC4 within the section Protocol Details. RC4 should be marked as not in use: