Posted by Aaron on October 27, 2021
Comments (0)
This week we've seen reports of issues getting real-time shipping rates back from UPS's Rating API. We tracked the issue down to incompatible cipher suite support for TLS 1.2 between the server running BV Commerce and the UPS Rating API server. The intermittent nature of this problem seems to indicate that the change was made by UPS and was slowly rolled out to their server farm. Windows Server 2012 seems to be the most susceptible to this issue.
Using IIS Crypto's default cipher suite settings ...
[More]
Posted by Andrew on December 18, 2017
Comments (0)
The Payment Card Industry Security Standards Council (PCI SSC, or simply PCI) is enforcing a deadline for the transition to TLS 1.2.
All payment gateways, including Authorize.Net and PayPal, will require TLS 1.2. In turn, your site must support TLS 1.2 or you will be unable to process credit cards.
Other services, such as UPS, are also enforcing this requirement. If you recently experienced problems with UPS real-time rates on your store, this is likely the reason.
A non-exhaustive list of servi...
[More]
Posted by Aaron on April 06, 2017
Comments (0)
PCI Compliance requires that your website support TLS 1.2 for secure (https) connections. Only BV Commerce 2017 and above support TLS 1.2. Learn more about your options.
[More]
Posted by Noah on August 23, 2016
Comments (0)
Supporting TLS 1.0 today is an automatic PCI Compliance fail. Unfortunately, you still need it. Too many of your customers require it to make a secure (https) connection to your store.
[More]
Posted by Aaron on April 29, 2016
Comments (0)
We discovered a critical security vulnerability affecting BV Commerce 2013-2015 SP2. The vulnerability is specific to a feature not widely used, but we are strongly recommending that merchants apply the hotfix immediately.
[More]
Posted by Aaron on March 02, 2015
Comments (0)
Late last week we began receiving reports that UPS real-time rates were not displaying on merchant websites, and those reports have only intensified over the weekend. This issue does not affect all BV Commerce websites, but all versions can be affected.
[More]