TLSv1.1 has recently celebrated its 13th birthday. Perhaps unsurprisingly in today’s fast-paced, technology-driven world both TLSv1.0 and TLSv1.1 are now regarded as insufficient for protecting sensitive information (particularly payment data) due to known vulnerabilities.
The PCI Data Security Standards (PCI DSS) recommends TLSv1.1 at a minimum is used but strongly advises that TLSv1.2+ is deployed for safeguarding payment data in order to comply with current PCI recommendations.
Because TLSv1.1 does not comply with PCI recommendations, both Chrome, Firefox, Microsoft Edge and IE 11 plus Safari browsers will all revoke support for TLSv1.1 very shortly.
It is estimated that usage of TLSv1.1 is less than 5% worldwide but, monitoring our traffic at Pressidium, we’re seeing just 0.02% on our network using TLSv1.1. The low usage rates therefore make this revocation of support for TLSv1.1 by the major browsers a timely one.
Pressidium is Ending Support for TLSv1.1
Security is a top priority at Pressidium. Due to the very low levels of traffic that are now using TLSv1.1 and, in line with current hosting best practices, we are ending support on our own platform for TLSv1.1 from the 1st February in line with security industry recommendations.
This change is likely to only affect a very small percentage of clients that process payments through their WordPress websites. As a result of support being revoked in all major browsers it is now important that the latest standards (TLSv1.2 or above) are adopted where required.
TLSv1.3 is now also here and Pressidium will begin supporting this latest version of the TLS protocol very shortly.
As always, we aim to ensure that any disruption experienced by our partners caused by changes to our platform are kept to an absolute minimum. We are here to help you if you have any concerns or queries about this change. To get in touch, please open a support ticket from within your Dashboard and our team will be happy to help.