Bambora Scheduled Maintenance #236986
Scheduled Maintenance Report for Bambora
Completed
The scheduled maintenance has been completed.
Posted Sep 27, 2021 - 16:00 AEST
In progress
Scheduled maintenance is currently in progress. We will provide updates as necessary.
Posted Sep 27, 2021 - 13:02 AEST
Scheduled
Transport Layer Service – TLS 1.1 Temporary Deactivation in UAT

Upcoming scheduled maintenance notice

This service is the protocol that provides privacy and data integrity between communicating computer applications. In preparation for the retirement of TLS 1.1 in production, Bambora wishes to advise that we will temporarily disable TLS 1.1 support in our UAT environment for testing. We will reenable TLS 1.1 support by the end of the change window.

What does this mean for me/my business?

To ensure a successful connection, all services that utilise TLS to communicate to the Bambora UAT environment must connect via TLS version 1.2 or 1.3. As all services are impacted, this will include:

• API – all API services (including API payment processing and reporting)

• HPP/iHPP payment pages where a customer is using an outdated browser that does not support TLS 1.2 or 1.3

• SFTP – batch payments, reporting, file mobility

• Access to PRM/Bambora BackOffice – applies to end-users using an outdated browser

How do I know if I’m impacted?

The client-side connection dictates what TLS standard is utilised to connect to Bambora; therefore, we’re not privy to your system configuration. You’ll need an IT professional to check your outbound connections to the Bambora UAT environment, ensuring they are connecting via TLS 1.2 or 1.3.

Customers using only HPP/iHPP (payment iFrames), iPayRent and Bambora’s BackOffice will not need to make any IT changes, except ensuring your web browser is up-to-date.

While Bambora will reenable TLS 1.1 support by the end of the change window, we highly recommend that all services permanently connect to the Bambora UAT environment via TLS version 1.2 or 1.3.

Why are these changes necessary?

Bambora must comply with the newest security standards to protect you and your customers’ data as a payments service provider. As such, Bambora is making amendments to our TLS encryption requirements, as per the Payments Card Industry - Data Security Standards (PCI-DSS).

If you’ve any queries or wish to discuss these changes further, please get in touch with the Bambora support team at support.apac@bambora.com.
Posted Sep 22, 2021 - 08:01 AEST
This scheduled maintenance affected: Bambora Products (Demo platform).