Please note if the country where your business is registered is not listed, you will require a third party merchant account with one of our acquiring bank partners.

A merchant account is separate from your business account, set up with an acquiring bank, which enables you to accept payments by credit and debit card.

See a full list of our acquiring bank partners here

Close

TLS/Cipher Suite Uplift

Frequently Asked Questions

 

What is TLS?

Transport Layer Security (TLS) is a cryptographic protocol used to establish a secure communications channel between two systems – you and Realex.  It is used to authenticate one or both systems and protect the confidentiality and integrity of information that passes between systems.

 

Why are you ending support for TLS 1.0, 1.1 and uplifting cipher suite?

In order to continue to adhere to Security best practice regarding strong cryptography standards.

 

What is being updated and when?

Full details of upgrades taking place and relevant dates are listed at the end of this page.

 

How can I protect my company?

Migrating to TLS 1.2 is the only reliable method to ensure to continue to protect your business from emerging TLS protocol vulnerabilities.

 

How do I find out if my payments will continue to process after the removal of TLS 1.0, 1.1 and the weaker ciphers?

You or your developer will need to ensure you can process test transactions in our sandbox environment to verify you can successfully connect to Realex prior to the TLS/cipher suite change.

 

I take payments over the phone only using the Virtual Terminal or RealControl – Does this affect me?

All major up-to-date browsers will support TLS 1.2 and stronger ciphers. If you use our hosted applications, e.g. the Virtual Terminal or Real Control, we do not anticipate any interruption to your ability to access our services however you must verify you are using an up to date browser version (see table below for supported browsers).

 

I use the Hosted Payment Page to process my transactions. Will this affect my customers?

All major up-to-date browsers will support TLS 1.2 and stronger ciphers. With this in mind, we do not anticipate any interruption to your customers’ ability to access the payment screen as long as their browser is up to date(see table below for supported browsers).

Supported Browsers Notes
Google Chrome version 30+
Google Android OS browser version 4.1+ For the Android SDK, version 4.4+ is needed
Mozilla Firefox version 24+
Microsoft IE version 8+ (EXCLUDING Windows Vista, XP and earlier). Must be on Windows 7 or higher. Note: With IE 8 and 9 – TLS 1.2 is disabled by default.
Microsoft Edge
Microsoft IE Mobile Version 10+
Opera version 17+
Apple Safari version 7+
Apple Safari version 5+ (on IOS 5+)

 

I’m using a Shopping Cart platform – Does this affect me?

If your website is fully hosted and maintained by your shopping cart provider, e.g. Shopify or ekmPowershop; we have contacted the most popular fully hosted carts to coordinate the changeover with them. However, we strongly advise you contact them yourself to ensure they are aware of these changes.

If a 3rd Party developer or agency manages your shopping cart and website, please ensure to contact them to notify them of this change and to ensure your site is ready in time.

If you or an in-house developer manages the hosting and maintenance of your shopping cart and website, please contact them and your hosting company to notify them of this change and to ensure your site is ready in time.

 

What is being updated and when?

Test Environment – 2nd March 2017

We are upgrading the test environment first so that you can test your system before we make the updates in the live environment. These upgrades will apply to the below Realex Payments Sandbox URLs and Ciphers listed at the end of this guide. Test cards are located on our Developer Hub.

Sandbox URL
Real Control https://realcontrol.sandbox.realexpayments.com
Virtual Terminal https://vt.sandbox.payandshop.com
Hosted Payment Page 2 https://epage.sandbox.payandshop.com/epage.cgi1
https://hpp.sandbox.realexpayments.com/pay
API https://epage.sandbox.payandshop.com/epage-remote.cgi
https://epage.sandbox.payandshop.com/epage-remote-plugins.cgi
https://epage.sandbox.payandshop.com/epage-files.cgi

 

1If you connect to Realex Payments using the https://epage.payandshop.com/epage.cgi URL – you must ensure you can successfully process test transactions on the below URL:

https://epage.sandbox.payandshop.com/epage.cgi

2 If you are accepting card details via HPP (Hosted Payment Page) – you will also need to ensure that your system has the ability to accept a HPP transaction response back from Realex Payments using TLS version 1.2 and one of the Ciphers listed above.

 

Live Environment Phase 1 Upgrades – Virtual Terminal and Real Control – 13th April 2017

We will be upgrading the Virtual Terminal and RealControl. From this date, the below URLs will support only TLS 1.2 and the 6 Recommended/Supported ciphers listed above.

The updates will apply to the following Realex Payments URLs:

Existing URL
Real Control https://emerchant.payandshop.com
https://realcontrol.realexpayments.com
Virtual Terminal https://vt.payandshop.com

 

Live Environment Phase 2 Upgrades – Hosted Payment Page and API – 8th August 2017

a) Hosted Payment Page:

We will be upgrading the Hosted Payment Page. The updates will apply to the following Realex Payments URLs:

Existing URL
https://hpp.realexpayments.com/pay
https://epage.payandshop.com/epage.cgi

 

Please note – If you are processing payments using our Hosted Payment Page (HPP), please ensure to carefully read the additional testing notes above regarding HPP. In order to ensure you can continue to process payments before and after the upgrade, you should enable TLS 1.2 and the new cipher suites while leaving the TLS version and cipher suites you currently support in place until we have made the uplift, on 8th August 2017. After the uplift is made, TLS 1.0 and 1.1 and any unnecessary ciphers can be removed.

b) API:

We will be upgrading our API. The updates will apply to the following Realex Payments URLs:

Existing URL
https://epage.payandshop.com/epage-remote.cgi
https://epage.payandshop.com/epage-remote-plugins.cgi
https://epage.payandshop.com/epage-files.cgi

 

If you are using our API integration, in order to ensure you can continue to process payments before and after the upgrade, you will need to enable new cipher suites and leave the current ones in place until we have made the uplift, on 8th August 2017. After the uplift is made, the additional ciphers can be removed.

From 8th August 2017, our Hosted Payment Page and API will support only TLS 1.2 and the 6 Recommended/Supported ciphers listed below.

Cipher Suite Uplift
Along with the discontinuation of support of TLS 1.0 and 1.1, this upgrade will also include the uplift of the cipher suite used for encryption. The table below outlines the Recommended and Supported Ciphers which will be available after the upgrade is completed.

Cipher Status
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 Recommended
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 Recommended
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 Supported
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 Supported
TLS_RSA_WITH_AES_256_GCM_SHA384 Supported
TLS_RSA_WITH_AES_128_GCM_SHA256 Supported