Support for secure credit card transactions using TLS 1.0 ended on June 30, 2018. The new standards defined by the PCI Security Standard Council requires all payment processors and third-party providers to explicitly disable support for TLS 1.0 and switch to exclusively using TLS 1.2.
More Information
If you use SocketTools to send or receive credit card payment data, upgrade to the current version. SocketTools 11 includes several important security related updates that will ensure that your users will be able to continue to connect to these service providers.
Previous versions of SocketTools would negotiate for a secure connection using any version of TLS that was available. SocketTools 6.0 and earlier versions would also attempt to use SSL 3.0. Because SSL and the earlier versions of TLS are no longer secure, you cannot use them to connect to a PCI DSS 3.2 compliant service.
The current version of SocketTools will only establish a secure connection using TLS 1.2 or later versions and will automatically disable the use of weaker cryptographic algorithms that can potentially cause the server to reject the connection.
SocketTools uses the Windows CryptoAPI and Schannel provider to implement support for TLS on the Windows platform. This provides several advantages to the developer because it is part of the core operating system. The application developer does not need to redistribute additional libraries, and updates are included as part of the normal Windows Update process, ensuring that their end users have the most current security updates and improvements.
The security functionality in SocketTools is directly tied to the version of the Windows operating system that their end-user is running their application on (not the version of Windows that was used to develop the application).
The minimum required platforms to use TLS 1.2 is Windows 7 SP1 on the desktop and Windows Server 2008 R2. For the best security options, it is recommended you use Windows 10, Windows 11 or Windows Server 2022. Older versions of Windows that are no longer supported by Microsoft only provide support for TLS 1.0. Applications on those unsupported platforms will fail to connect to credit card payment processors, gateways, and other payment service providers.
See Also
Windows and Supported TLS Versions
Support for TLS 1.2 on Windows XP
Unable to Establish Security Context