SagePay are upgrading the protocols that are used to secure all external connections to their systems to the latest and safest.
This is not an action Sage Pay is taking alone, all websites that send or process credit card data will be making this change to protocol Transport Layer Security 1.2 (TLS 1.2). This will become mandatory for communication with Sage Pay and other payment gateways.
What is TLS?
If you are curious you can find out which TLS protocol your website uses by entering your domain on a website like www.ssllabs.com
Am I impacted?
If you use “Sage Pay Server” or “Sage Pay Direct” Integration to process ecommerce payments you will need to ensure your systems use TLS 1.2 before the deadline dates below.
If you use “Sage Pay Form” or use the Sage Pay Virtual Terminal for Telephone or Mail Order payments you will not need to make any changes.
You can find out which Integration system you currently use by locating any transaction in MySagePay, clicking the ‘Additional Details’ tab on the left menu, and viewing the “System Used” detail shown.
When will the changes happen?
To avoid any disruption to Live Payments, your systems will need to be ready for this change by 5th April 2018.
We are working on this as we speak, so your website will be updated on time.
Why are you making these changes?
The PCI Security Council sets the rules on which technologies are acceptable for use in sending cardholder data. They have identified TLS 1.0 or 1.1 as no longer acceptable.
I'm looking for a: