In order to keep you up to date with the latest industry changes, here are a few FAQs about the recent security update.
In the coming months all payment providers are required to upgrade their systems to only allow SHA-2 in order to order to increase their security and keep pace with industry standards. Opayo will be making these changes along with other providers.
What is a security certificate?
Browsers usually indicate to the user (shopper or website) that the certificate has been validated successfully (and in this instance issued by DigiCert).
What is SHA?
SHA is otherwise known as "Secure Hash Algorithm" and is the method used during the validation of a websites security certificate. Up until now SHA-1 has been the accepted method of doing this. Developed back in 1995 SHA-1 has been the preferred method of validation. This is also the method that is used by our current security certificate. Now due to the major web browsers withdrawing support for SHA-1 it is being phased out.
SHA-256 or SHA-2 as it is known is the newer more secure version of the algorithm and the preferred method for all security certificates. Over the coming months all browsers will phase out SHA-1 and replace this with SHA-2 (SHA-256). To address this issue, Opayo (along with the majority of other payment gateways and online banking web sites) are updating web certificates for all payment pages and forms.
What do I need to do?
If you have your own server you may need to speak with your technology teams to upgrade your server set-up and possibly your operating system to ensure you will be unaffected.
What will I see?
Useful links
- DigiCert’s SHA-2 Compatibility Guide
- DigiCert’s SHA-2 Certificates Guide
- Symantec’s Supported Browser and Server List
- GlobalSign’s SHA-256 Compatibility Guide
