Security is at the heart of what we do at Judopay and as a result we ensure we’re always staying on top of the latest industry-wide security updates & changes, like PCI.
What is happening?
As you may be aware by now the PCI Security Council released the PCI-DSS 3.1. The main change related to the deprecating of TLS 1.0 & SSL 3.0 as recognised secure protocols. As stated in our previous emails this means that there are a few mandatory updates you need to be aware of.
From October 20th any connection (App/Web/API) to Judopay that is not using the following will not be able to process live transactions.
What do I need to do?
Please ensure that you are using TLS 1.1 onward as a cryptographic protocol to effectively communicate with Judopay’s systems with both sandbox and live environments.
Please ensure that you have implemented the SHA-256 certificate to ensure the communication between both sides are well protected against cryptographic attacks.
Web payments & Web payments API
If you’re using our Web payments solution or have integrated using our Web payments API make sure you’re using the latest major version of our API (5.0+) and your are pointing to the correct endpoint (https://gw1.judopay.com/). Both settings are listed in the transaction header declaration before the payment request.
If you’re using any of our SDKs please ensure that you are using:
• iOS SDK (Kit ObjC and Kit Swift) version 6.0 or newer
• Android version 5 onward
• Xamarin version 2.3.0 or later
• .NET SDK 1.1.113 or newer
These SDKs can be found on Github.
If you would like to test these changes our sandbox environment is currently updated with the above changes.
If you require any support with this migration please contact firstname.lastname@example.org.
‘Aaarghh – why are they asking me for all this, all I want is to pay!’
I am often heard growling something along those lines (swearing omitted), when I try to complete a payment from my phone.
As the UX lead at Judopay, when faced with poor checkout experiences – that, I some years ago might have accepted as the painful way of things – now invoke similar reactions in me as when my older relatives are having ‘computer problems’, blood pressure included. read more
After launching in the US last year, Android Pay™ is finally coming to the UK. It has enormous potential to make 2016 a very significant year for mobile payments. Android has a 51.9 %* market share in the UK which means millions of Android users will now be able to pay for things quickly and securely with just a single tap, whether in-store or in-app.
This summer, I came across an opportunity to write my first SDK, so I leapt at it. As developers, there is something very appealing about writing software for use by other developers. It might be because of the sense of solidarity that you’ve made life easier for sisters/brothers in code, or the thrill of a backseat driver finally getting a chance at the wheel. That is until the realisation that the demographic you’re serving will also be the best equipped to critique your output, this is especially true when producing an open source repository.
So below are some lessons (some key, some trivial) that I learned while coding judo’s Xamarin SDK.
As an app developer or retailer – you have the sweetest opportunity to engage, and sell – to your loyal customer base in the coming months. Furthermore, this is the time of year to attract and retain new customers with great offers during a time of commercial frenzy.
Experts have predicted that the frenzy of Black Friday can ‘lead to the first £1bn online shopping day in the UK’. A recent survey also suggested that many shoppers have been put off by the frantic in-store shopping experience, and hence ‘only 38 per cent of Britons plan to hit the shops on Black Friday as opposed to 44 per cent last year’.
To help you get ready for the impending holiday season, we have pulled together some tips to make sure your mobile app is prepared when shoppers arrive looking for holiday deals.
Last week, James Quinn, the Group Business Editor of Telegraph Media Group, wrote that Domino’s Pizza is ‘far more valuable a digital company than any tech unicorn’ (read the full piece here). It is a good opinion piece, and we agree that Domino’s has seen major success in their investment in digital and mobile channels (we like what they did with their app, we even wrote about it here). However, it is rather concerning that one of our country’s leading business voices doesn’t seem to buy into the future of London: ‘so-called unicorn tech companies’.