ATM Security Update: How To Enable TLS 1.2 Protocol
The Announcement
The PCI Security Standards Council has mandated that the use of SSL and Early TLS (i.e. TLS 1.0 or 1.1) protocols be discontinued effective June 30, 2019. All network providers and processors are making preparations to ensure they are compliant by the June 30, 2019 deadline. To prevent any downtime, make sure your ATM terminals have been updated with the latest software and security certificates.
After this date, ALL ATMs using SSL or Early TLS (i.e. TLS 1.0 or 1.1) communications protocol will stop communicating to the Host and fail to process any transactions.
What Does This Mean?
-
- Network providers are already handling the TLS 1.2 communications protocol. Therefore, as soon as possible, set the communication protocol on your ATMs to use TLS 1.2 communication protocol.
- Anytime you visit a direct connect TCP/IP communicating ATM verify that it is set to TLS 1.2.
In order to continue processing transactions …
- TLS 1.2 Protocol MUST be enabled on your ATM Machine
Do I Need to Enable TLS 1.2?
You NEED to Enable TLS 1.2 if …
- Your ATM is communicating via Hardwired Internet connection (TCP/IP)
You DO NOT need to Enable TLS 1.2 if …
- Your ATM uses a phone line or wireless ATM modem. Your machine will not be impacted if it is communicating via a phone line or cellular wireless device box already on TLS 1.2.
- How do I know if my wireless box is TLS 1.2?
- The chances of you having a wireless box that is not already on TLS 1.2 are low. If you are having trouble with your wireless ATM device please call ATMDepot.com at 888.959.2269, or your Wireless Provider, with your device’s serial number. Remember, It is best to make the request while at the location where the device is in service. Our wireless department can update your device remotely.
- How do I know if my wireless box is TLS 1.2?
How to Enable TLS 1.2 Protocol
Hyosung
Customer Setup > Select Processor > TCP/IP Type
- SLS/TLS = Enable
- SLS/TLS Version = Up to TLS v1.2
Genmega/Hantle/Tranax
Customer Setup > Change Processor > SSL Pass Through > SSL > SSL Version = TLS 1.2
If you do not see these options, please check that you have the required software version that supports TLS 1.2 protocol for each manufacturer.