Important Notice: Transport Layer Service – TLS 1.1 UAT Retirement
This service is the protocol that provides privacy and data integrity between communicating computer applications. In preparation of the retirement of TLS 1.1 in production (date to be confirmed), Bambora wishes to advise that the matching changes have been made in our UAT environment and the environment is ready for testing.
What does this mean for me/my business?
All services that utilise TLS to communicate to the Bambora UAT environment must connect via TLS version 1.2 or 1.3, to ensure a successful connection. As all services are impacted, this will include:
• API – all API services (including API payment processing and reporting)
• HPP/iHPP payment pages where a customer is using an outdated browser that does not support TLS 1.2 or 1.3
• SFTP – batch payments, reporting, file mobility
• Access to PRM/Bambora BackOffice – applies to end users using an outdated browser
How do I know if I’m impacted?
The client-side connection dictates what TLS standard is utilised to connect to Bambora, therefore we’re not privy to your system configuration. You’ll need an IT professional to check your outbound connections to the Bambora UAT environment, ensuring they are connecting via TLS 1.2 or 1.3.
Customers using only HPP/iHPP (payment iFrames), iPayRent and Bambora’s BackOffice will not need to make any IT changes, except ensuring your web browser is up-to-date.
Why are these changes necessary?
As a payments service provider, it’s important that Bambora comply with the newest security standards to protect you, and your customers’ data. As such, Bambora are making amendments to our TLS encryption requirements, as per the Payments Card Industry - Data Security Standards (PCI-DSS).
If you’ve any queries, or wish to discuss these changes further, please contact the Bambora support team at email@example.com