Transport Layer Security (TLS)

Transport Layer Security. Some merchants may have heard the phrase “TLS” or “TLS version 1.2” recently and may be wondering what this is, and how it impacts your ability to process credit cards. Transport Layer Security (TLS) is the updated internet security protocol, which defines how different devices/terminals securely communicate over the internet. Think of TLS as the driving laws we all follow ­–– there are millions of cars and miles of roads, and we all follow the same traffic laws: drive in your designated lane, follow the speed limit, etc. TLS protocols work in a similar fashion; they define the “rules” for secure data transmission over the internet, so all parties know how to best communicate.

Recently, PCI compliance requirements changed in order to support more secure credit card transactions. One of those changes was to mandate that any credit card sales processing over an internet connection use this advanced new protocol, known as TLS version 1.2. As such, any device that transmits data over an internet connection (even a credit card terminal) must have a programming update, to ensure that the data is transmitted in this secure format.

What does this mean for you? Most likely, nothing, if you process in a manually-keyed or online environment, as you will not be impacted. However, this does affect card-present and terminal-based merchants, so read on!

We’ve been hard at work in the background making updates and reaching out to merchants needing new programming. Note, if your device is not updated for the latest TLS version, it will stop working over an internet connection. Dharma has been communicating with impacted merchants directly, so if that’s you, we will reach out via email or phone. Please don’t ignore any communications from Dharma about this issue, as you might lose the ability to process credit cards!