Authorize.Net customers on older versions of xTuple should consider upgrading

Thursday, January 25, 2018

Authorize.Net Security Updates roll out in February 2018

If you are an xTuple customer who uses the Authorize.Net payment gateway to process credit card transactions in xTuple ERP, then you have probably heard about the security updates Authorize.Net is rolling out at the end of February 2018.

xTuple is prepared for this event, having taken steps to implement the new TLS 1.2 protocol in newer versions of xTuple ERP. Anyone running xTuple ERP versions 4.10.x or later (e.g., 4.11.x) should not be impacted by this change. However, older versions — including xTuple ERP 4.9.5 and earlier — of xTuple ERP may be affected.

Here is an excerpt from a recent announcement from Authorize.Net:

"As you may be aware, new PCI DSS requirements state that all payment systems must disable earlier versions of TLS protocols. These older protocols, TLS 1.0 and TLS 1.1, are highly vulnerable to security breaches and will be disabled by Authorize.Net on February 28, 2018."

Because of this, if you are running xTuple ERP 4.9.5 (or earlier) — and you process credit card transactions in xTuple using Authorize.Net — then you should consider upgrading as soon as possible, prior to the February 28 deadline.

Please reach out to your xTuple support representative, or the xTuple Professional Services Team, if you need assistance with this important upgrade or want to discuss alternative solutions.

(Note: This advisory applies only to customers who are using the Authorize.Net payment gateway to process credit card transactions within xTuple.)

 

Pierce Tyler

Vice President Services

Pierce is a founding member of xTuple and, since 2001, has been responsible for the day-to-day technical support of xTuple’s global community of customers and implementation partners. In addition to his suport role, Pierce also manages the services group, whose scope includes implementations and ongoing professional services. He was previously a manager for knowledge management at Great Bridge, a commercial open source company serving the PostgreSQL community. For many years he taught digital literacy and college English at Old Dominion University and the University of Maryland.