Transport Layer Security (TLS) is a protocol used by applications to communicate securely across a network. In order to better protect your data and that of your users, as of March 1, 2018, Turbify no longer support TLS 1.0 encryption. After that date, we will support only TLS versions 1.1 and 1.2. We’re doing this to ensure that our stores are as secure as possible and in keeping with Payment Card Industry (PCI) guidelines.

Frequently Asked Questions

Why is TLS 1.0 being discontinued?

• TLS 1.0 was originally specified in January of 1999. Since then, vulnerabilities have been discovered in TLS 1.0. These vulnerabilities have been addressed and other improvements made in later versions of TLS.

Who is affected by this change?

• This change will primarily affect those merchants who use Turbify APIs to transfer order, payment, checkout, and/or catalog data. Some visitors using older web browsers that don't support TLS higher than 1.0 will also be unable to make a purchase from your store--however, our records indicate that these older browsers account for less than 1% of total traffic to our stores. See affected browsers below.

How are my API connections affected?

• APIs that attempt to connect via TLS 1.0 after March 1, 2018, will fail. API connections using TLS 1.1 or 1.2 will succeed.

What should I do next?

• If you don't use our APIs as described above, you don't need to do anything related to this change. If you do use our APIs, please contact your developer to ensure that they’re ready for the transition. Any Java, .NET, or other services that communicate with us via API will need to do so using TLS 1.1 or 1.2 encryption.

Which web browsers are affected by this update?

• Please note that this list is not exhaustive:

Note: For information regarding TLS and FTPS, see this Help Page.