What is changing?
On March 31, 2016, GiftTool will permanently disable the TLS 1.0 encryption protocol.
Why is this happening?
The security of your users' information is incredibly important to GiftTool, and as such it is our policy to always stay current with the latest security standards.
The online credit card payment industry is taking an important step to avoid security vulnerabilities. Within the next few months, individuals will no longer be able to access any secure website using older browser versions and/or computer security systems that employ TLS 1.0. This is to ensure that you are protected from known security threats associated with TLS 1.0.
All major web browsers have been automatically updated to the latest version supporting TLS 1.1 + 1.2. So you and your users should not experience any impact accessing GiftTool on March 31 unless you are using a non-supported browser or you have disabled the supported encryption protocols in the browser.
Didn't GiftTool already implement this change last summer?
GiftTool proactively disabled TLS 1.0 back in August 2015. However, based on client feedback, we decided to roll back the change temporarily to give clients and their users more time to update their browsers and/or computer security systems. The time is coming to permanently disable TLS 1.0 as required by PCI DSS credit card security regulations. We have scheduled this for March 31, 2016.
How do I know if we are ready for the change?
Test your Internet Browsers:
Visit https://tls1test.salesforce.com to test your browser compatibility.
If you see the following message, your browser has passed and you do not need to do anything, as access to GiftTool via your browser should not be impacted by this change:
However, if you see one of the following messages or something similar, your browser has failed:
...this means that you are NOT ready for the change and that you should follow the instructions for What do I do if my browser fails the test?
If applicable, review your GiftTool API integrations:
GiftTool API integrations are interfaces or applications that your developer has created to connect to the GiftTool servers and transfer data. If you are using a GiftTool API to import data, you should also ensure that the TLS 1.1 or TLS 1.2 encryption protocols are enabled in your inbound or outbound integration. Otherwise, you will experience problems with data transfer as of March 31st when TLS 1.0 is permanently disabled.
What do I do if my browser fails the test?
- Upgrade your browser to the latest version using the latest security standards.
- Alternatively, this external site describes how to disable the older encryption protocols, and enable TLS 1.1 & 1.2 in your Internet Explorer, Firefox or Chrome browser.
- If you have successfully upgraded your browser enabling TLS 1.1 & 1.2 but this has not resolved the problem, work with your IT professional to review and upgrade your computer security protocols (anti-virus, anti-malware, routers, firewalls, etc.) to make sure that they are setup for the higher TLS 1.1, 1.2 or higher encryption protocols.
- If your browser does not support TLS 1.1 or 1.2, you should switch to a different browser that does. Learn more about which browsers are compatible.
Which browsers are compatible with TLS 1.1 or higher?
Here is the current status of browser compatibility with the latest TLS 1.1 or higher encryption protocols:
- Microsoft Internet Explorer (IE):
- Desktop and mobile IE version 11; and Microsoft Edge are compatible by default.
- Desktop IE versions 8, 9 & 10 are capable when run in Windows 7 or newer, but not by default. Windows Vista and older operating systems, such as Windows XP, are not compatible with TLS 1.1 or higher encryption.
- Desktop IE versions 7 and below, as well as mobile IE versions 10 and below, are not compatible with TLS 1.1 or higher encryption.
- Mozilla Firefox:
- Firefox 27 and higher are compatible by default.
- Firefox 23 to 26 are capable, but not by default.
- Firefox 22 and below are not compatible with TLS 1.1 or higher encryption.
- Google Chrome:
- Google Chrome 38 and higher are compatible by default.
- Google Chrome 22 to 37 are capable when run in Windows XP SP3, Vista, or newer (desktop), OS X 10.6 (Snow Leopard) or newer (desktop), or Android 2.3 (Gingerbread) or newer (mobile).
- Google Chrome 21 and below are not compatible with TLS 1.1 or higher encryption.
- Google Android OS Browser:
- Android 5.0 (Lollipop) and higher are compatible by default.
- Android 4.4 (KitKat) to 4.4.4 are capable, but not by default.
- Android 4.3 (Jelly Bean) and below are not compatible with TLS 1.1 or higher encryption.
- Apple Safari:
- Desktop Safari versions 7 and higher for OS X 10.9 (Mavericks) and higher are compatible by default.
- Desktop Safari versions 6 and below for OS X 10.8 (Mountain Lion) and below are not compatible with TLS 1.1 or higher encryption.
- Mobile Safari versions 5 and higher for iOS 5 and higher are compatible by default.
- Mobile Safari for iOS 4 and below are not compatible with TLS 1.1 or higher encryption.
What should I do if I have additional questions?
Please feel free to contact us with any questions. You can reach us at email@example.com or 1.877.665.8665 (select option 2 for Support).