Security is at the heart of what we do at Judopay and as a result we ensure we’re always staying on top of the latest industry-wide security updates & changes, like PCI.
What is happening?
As you may be aware by now the PCI Security Council released the PCI-DSS 3.1. The main change related to the deprecating of TLS 1.0 & SSL 3.0 as recognised secure protocols. As stated in our previous emails this means that there are a few mandatory updates you need to be aware of.
From October 20th any connection (App/Web/API) to Judopay that is not using the following will not be able to process live transactions.
What do I need to do?
Please ensure that you are using TLS 1.1 onward as a cryptographic protocol to effectively communicate with Judopay’s systems with both sandbox and live environments.
Please ensure that you have implemented the SHA-256 certificate to ensure the communication between both sides are well protected against cryptographic attacks.
Web payments & Web payments API
If you’re using our Web payments solution or have integrated using our Web payments API make sure you’re using the latest major version of our API (5.0+) and your are pointing to the correct endpoint (https://gw1.judopay.com/). Both settings are listed in the transaction header declaration before the payment request.
If you’re using any of our SDKs please ensure that you are using:
• iOS SDK (Kit ObjC and Kit Swift) version 6.0 or newer
• Android version 5 onward
• Xamarin version 2.3.0 or later
• .NET SDK 1.1.113 or newer
These SDKs can be found on Github.
If you would like to test these changes our sandbox environment is currently updated with the above changes.
If you require any support with this migration please contact firstname.lastname@example.org.
Security is at the heart of what we do here at judo, and to ensure that our platform and services are adhering to the latest security standards laid out by the PCI council (PCI DSS 3.1), we have made some updates to our API and SDKs.
These updates mean that we will be ending support for TLS 1.0 and below on 20th October 2016. After that date, any API requests or dashboard sessions will need to use either TLS 1.1 or TLS 1.2. (However, while not being immediately phased out, TLS 1.1’s days are numbered as well, so we would highly recommend an upgrade to TLS 1.2.)
As Tim Cook said, 2015 will be ‘the year of Apple Pay’. So let have a quick look at how Apple Pay has been doing since its launch. Here are some stats and facts about Apple Pay, from support from banks to consumers adoption.
Since the announcement of Apple Pay‘s inevitable expansion to the UK, many commentators has been speculating the impact it will have on in-store retail. Will consumers and merchants jump quickly on-board with the service? Will it really make paying for goods and services easier at a physical location?
What we haven’t talked enough about is the impact it will have on paying for goods and services within an app. Think about it, the next time you want to splurge on a nice sofa for your living room, you can simply use Apple Pay to complete checkout in just 1 step. No more account setup. No more lengthy forms for billing and shipping information. No more time to abandon a purchase before checkout is complete.
This article in UK’s Business Insider explores why being able to pay for goods and services in-app with one touch is truly where Apple Pay shines.
Never before has buying goods and services using your mobile device been easier or more secure.
Apple confirmed earlier today the much anticipated geographic expansion of Apple Pay to include consumers and businesses based in the U.K. Launching in July with over 250,000 merchants and many of the banks that issue debit and credit cards to UK consumers, the service looks ready to kick off with a big impact.
Late last week, Google held its annual developer conference, dubbed I/O 15, where the data-obsessed tech giant unveiled the much expected Android Pay. In short, Google has matched the offering of Apple Pay™ allowing consumers to pay easily and securely both in store (using NFC) and in-app (using fingerprint authentication). Android Pay was first unveiled at Mobile World Congress in March following the acquisition of Softcard from a consortium of US TelCo operators.
Since Tim Cook’s announcement in September last year, Apple Pay has been the hot topic in payments and tech industry conversations. Apple’s answer to mobile payments caused much speculation on how it will change the payments industry. While Apple Pay is not exactly disruptive or innovative (it uses pre-existing technology), it will accelerate the rapid change in consumers’ behaviour and increase mobile commerce adoption.
We’re now at the end of the 8th month after its announcement, how is Apple Pay faring so far? Let’s have a quick look.
If you don’t know by now (and I hope you do), the Payment Card Industry Security Standards Council (PCI SSC), updated its Data Security Standards (DSS) to version 3.0 earlier this year in January.
To release some minor adjustments and clarifications, they have now issued a follow up version 3.1. The biggest thing that will affect all merchants in this standard update is that Secure Socket Layer (SSL) can no longer be used as a security control after June 30, 2016.