Written by Donna Knight, One Step Retail Implementation Specialist
One thing retailers must accept is the fact that you will always have to update the technology you use periodically, both hardware and software. One reason for this is that the credit card industry has PCI compliance standards that get updated every once in a while. According to the latest PCI compliance standards, all retailers who accept credit cards were required to use TLS 1.2 after June 30, 2018.
What is TLS? TLS is Transport Layer Security. It is a protocol used by web browsers, programs, and apps to transfer various types of data over the internet securely, including credit card data. TLS was upgraded from 1.1 to 1.2 to improve its security features.
Current web browsers give you a choice about using TLS 1.1, TLS 1.2 or both, so it is very important for all browsers on all computers in your business to be checked and updated to TLS 1.2. This setting is not necessarily turned on by default.
Even if you don’t think you’re using a web browser to process credit card transactions, you may be. Many desktop computer programs and apps are using this web browser technology in the background. For that reason, it has been critical that retailers verify with their point of sale software providers that their software is using TLS 1.2. If it isn’t, it is essential to find out what you need to do to upgrade your software and/or web browser.
Some credit card processors, such as Cayan/TSYS, disabled credit card processing on systems that weren’t using TLS 1.2 after the deadline of June 30, 2018.
It is very important to join mailing lists related your credit card processor and point of sale software so that you are always using the latest version compatible with the highest security protocols available to you. Retailers who were subscribed to mailing lists by companies such as Cayan/TSYS were advised well in advance of this mandatory TLS 1.2 update. While other retailers were caught off guard when their system stopped processing credit cards one day.
Imagine the business losses that would happen to you if you suddenly were unable to process credit cards for hours or even a whole day! Likewise, putting your customers’ data at risk by using old security protocols can result in data breaches and fines that many small businesses cannot survive. These realistic scenarios have happened to retailers. Therefore, it is essential for retailers to keep up with the latest security-related standards. Even if you think new software and hardware security technologies are not relevant to your system, you should confirm this. The health of your business depends on it.