CCAvenue TLS Mandate 1.2

TLS MANDATE

Important Notification Regarding TLS 1.2 Protocol Mandate

WHAT IS THE TLS MANDATE?

The Payment Card Industry ("PCI") council, as well as Visa and MasterCard, have issued a mandate that all Merchants and Service Providers configure their systems to use the TLS 1.2 standard for secure connections between systems. This means systems must disable SSL and earlier versions of TLS as they will no longer be compliant and will not be allowed to connect.

REFERENCES: PCI Council: Migrating from SSL and Early TLS

Note: In view of this, effective from 1st July 2018, CCAvenue will no longer support TLS 1.0 and TLS 1.1 over HTTPS on the www.ccavenue.com and secure.ccavenue.com domain.

Who Is Impacted?

All CCAvenue customers and merchants accessing any CCAvenue solution must upgrade /configure systems for use of TLS 1.2. This is a security requirement regardless if the data being accessed is PCI related or not. As this is an industry-wide initiative, your IT organizations should already be determining what actions are required to comply, including applications and systems beyond those connecting to CCAvenue.

Upgrade Requirements

There are two primary methods for communicating with CCAvenue PG:

Connecting to CCAvenue via a Web Browser while processing Transactions.

Connecting to CCAvenue via API Calls.

How to Test?

You may use our integration and API kits and hit the below mentioned UAT URLs enabled for TLS 1.2.

Application	Module	UAT URLs
New CCAvenue PG	API	https://logintest.ccavenue.com/apis/servlet/DoWebTrans
	Transactions	https://test.ccavenue.com/
For those using the Old CCAvenue PG	API	Order Status Tracker https://cctest.ccavenue.com/servlet/new_txn.OrderStatusTracker Refund API Link https:// cctest.ccavenue.com/servlet/ccav.Refund_NetBnk
	Transactions	Redirect Billing Page Integration https://cctest.ccavenue.com/shopzone/cc_details.jsp Seamless Credit card https://cctest.ccavenue.com /servlet/new_txn.MotoTrans Seamless Netbanking https://cctest.ccavenue.com/servlet/new_txn.PaymentIntegration

Steps to Migrate to TLS 1.2

Listing sample changes for JAVA applications:

If you are using jdk 1.8 and above, there would be no changes required as it uses TLS 1.2 by default.
If you are using jdk 1.7, you need to make changes in your code to use TLS 1.2 protocol. For your reference, here is a sample java code.
Example:
System.setProperty("https.protocols", "TLSv1.2");
System.setProperty("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol");
Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
If you are using jdk 1.6 and below, you have to mandatorily upgrade to latest jdk version, as jdk 1.6 does not support TLS 1.2 Protocol.

URLs for your reference:

CCAvenue applications accessed via Web Browser:

Customers must ensure they are using compatible browsers with appropriate configurations. In case of any TLS related errors, please upgrade the browser to the latest version.

We would be happy to help you ensure compatibility in any way we can. Please feel free to get in touch with us at service@ccavenue.com in case of any concerns. In case you wish to speak to us, you may call 022-67425555 EXT: 401-409

CCAvenue is an end-to-end PCI-DSS Compliant payment-processing solution provider, catering to nearly 3 million merchants across all payments businesses. With its path-breaking technology in the Fintech space, CCAvenue is committed to redefine user experience, improve transaction success rates and increase the earning potential of web merchants exponentially.

Our comprehensive platform offers business enhancement tools that provide unparalleled product differentiation and are meticulously designed to expand the customer reach of our web merchants, taking their online businesses to the next level.