ATM Security Update: How To Enable TLS 1.2 Protocol

The Announcement

The PCI Security Standards Council has mandated that the use of SSL and Early TLS (i.e. TLS 1.0) protocols be discontinued effective June 26, 2018. All network providers and processors are making preparations to ensure they are compliant by the June 26, 2018 deadline. To prevent any downtime, make sure your ATM terminals have been updated with the latest software and security certificates. NOTE: This does not include TLS 1.1 or higher.

After this date, ALL ATMs using SSL or Early TLS (i.e. TLS 1.0) communications protocol will stop communicating to the Host and fail to process any transactions.

What Does This Mean?

  • Network providers are already handling the TLS 1.2 communications protocol. Therefore, as soon as possible, set the communication protocol on your ATMs to use TLS 1.2 communication protocol.
  • Anytime you visit a direct connect TCP/IP communicating ATM verify that TLS 1.2 is set.

In order to continue processing transactions …

  • TLS 1.2 Protocol MUST be enabled on your ATM Machine

Do I Need to Enable TLS 1.2?

You NEED to Enable TLS 1.2 if …

  • Your ATM is communicating via Hardwired Internet connection (TCP/IP)

You DO NOT need to Enable TLS 1.2 if …

  • Your ATM uses a phone line or wireless modem. Your machine will not be impacted if it is communicating via a phone line or cellular wireless device box already on TLS 1.2.
    • How do I know if my wireless box is TLS 1.2?

      • The chances of you having a wireless box that is not already on TLS 1.2 are low. If you are having trouble with your wireless device please call ATMDepot.com at 888.959.2269, or your Wireless Provider, with your device’s serial number. It is best to make the request while at the location where the device is in service. Our wireless department can update your device remotely.

Do I Have TLS 1.2?

If you are using software higher than the one listed below, your ATMs should function normally after April 30, 2018. It is still good practice to confirm TLS 1.2 is enabled on each of your machines.

Hyosung

– WinCE 5.0: AP V01.04.19
– WinCE 6.0: AP V6.01.13

Genmega/Hantle/Tranax

– V05.00.19

How to Enable TLS 1.2 Protocol

Hyosung

Customer Setup > Select Processor > TCP/IP Type

  1. SLS/TLS = Enable
  2. SLS/TLS Version = Up to TLS v1.2

Genmega/Hantle/Tranax

Customer Setup > Change Processor > SSL Pass Through > SSL > SSL Version = TLS 1.2


If you do not see these options, please check that you have the required software version that supports TLS 1.2 protocol for each manufacturer.

Recommendations

  • Keep Your Software Up-to-Date

    Keep your ATMs updated with the latest software to be compliant. Listed below are the latest software versions:

    Hyosung

    – WinCE 5.0:  V01.04.31
    – WinCE 6.0:  V06.01.31

    Genmega/Hantle/Tranax

    – V05.00.31a

  • Confirm EMV Enabled

    While you are updating the software on your terminal, it is important to also check that EMV is Enabled.

    The MasterCard EMV Liability Shift occurred on Friday, October 21, 2016. ATM owners are liable for fraudulent MasterCard transactions if machines are not EMV compliant.

    Hyosung

    Operator Functions > Customer Setup > Optional Function 1 > EMV > Enable

    Genmega/Hantle/Tranax

    Operator Functions > Customer Setup > Option Function > EMV – Enable

How to Enable TLS 1.2 – Infographic

How to Enable TLS 1.2
0 replies

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published. Required fields are marked *

66 − = 56