Transport Layer Security (TLS) 1.2

Handy step-by-step instructions

Contact us to create your merchant account and start accepting and making payments in minutes

Get started

The PCI Security Standards Council is requiring all payment processors and merchants to move to TLS1.2 by June 30, 2018.

Transport Layer Security (TLS) is a cryptographic protocol used to establish a secure communications channel between two systems. It's used to authenticate one or both systems, and protect the confidentiality and integrity of information that passes between systems. TLS 1.0 is an updated version of the Secure Sockets Layer (SSL) protocol, and TLS 1.1 and 1.2 have built on top of that with increasingly enhanced security.

We recommend you upgrade by following our handy step-by-step instructions below before our cut-off date for the TLS1.2 requirement of May 31, 2018.


tls

I am using Web Service communications and need to move to TLS 1.2

If you are communicating with MYOB (Paycorp) via an HTTPS connection to one of the following URLs on one of the following domains, then this section is for you.

Domains URLs

Paycorp (PYC)
- merchants.paycorp.com.au
- new-merchants.paycorp.com.au
- vault.paycorp.com.au
- merchants1.paycorp.com.au
- secure.globalpoint.com.au

- /paycentre/*
- /paycentre2/*
- /paycentre3/*
- /paycorp-webservice/InterfaceServlet
- /rest/*
- /vault/VaultWebProxy
- /webinterface/*
Paycorp (PYC)
- webservices.paycorp.com.au
- new-webservices.paycorp.com.au
- /wsi/services/*
- /vault/services/*
- /vault/VaultWebProxy
- /fraud-controller/registration/update/*
Bank of New Zealand (BNZ)
- www.buylineplus.co.nz
- /hosted/*
- /rest/*

More recent versions of Java 7 (as of 1.7.0_131) and 8 support TLSv1.2 by default, so you should upgrade your Java version and that will upgrade the SSL protocol of your HTTPS connections to TLSv1.2.

In recent version of Java the support for 256-bit cryptography has been disabled by default. You will need to download Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files here:

Replace the local_policy.jar and US_export_policy.jar jars files in your lib/security in JRE directory.

If you are unable to upgrade Java and you are running on earlier versions of Java 7, you should be able to enable TLSv1.2 by adding following flags to your Java command line arguments:

  • Dhttps.protocols=TLSv1.2
  • Dhttps.cipherSuites=TLS_RSA_WITH_AES_256_CBC_SHA256

In order to trace SSL requests, please add following flag to your Java command line arguments: -Djavax.net.debug=ssl

Please refer to the relevant technology stack documentation on upgrading to TLSv1.2.

.NET: https://blogs.perficient.com/microsoft/2016/04/tsl-1-2-and-net-support/


tls

I’m using Webpay Transaction Server (WTS) gateway communications and need to move to TLS1.2

If you are communicating with Paycorp via Webpay Client SDK (Java, Microsoft .NET developer platform
(.NET), etc.) or via opening a direct socket connection to one of the following endpoints, then this section is for you.

Paycorp (PYC)
- merchants.paycorp.com.au:3006 - PYC Live
- merchants.paycorp.com.au:3007 - PYC Test
- merchants.paycorp.com.au:4006 - PYC Live (compatibility mode)
- merchants.paycorp.com.au:4007 - PYC Test (compatibility mode)
Bank of New Zealand (BNZ)
- www.buylineplus.co.nz:3006 = BNZ Live
- www.buylineplus.co.nz:3007 = BNZ Test
- www.buylineplus.co.nz:3008 = BNZ Test
- www.buylineplus.co.nz:4006 = BNZ Live (compatibility mode)
- www.buylineplus.co.nz:4007 = BNZ Test (compatibility mode)

Please note that compatibility mode endpoints above were there for SSLv3 support only and they will not be supported after restricting SSL protocols to TLSv1.2 only. If you were using one of the compatibility mode endpoints above, please change your configuration to appropriate Live or Test endpoint once you have upgraded to TLSv1.2.

You need to upgrade to Java webpayClient-4.0.5, available on request. It is a backward compatible Software Developer Kit (SDK), targeted to work as a drop-in replacement.

  • Microsoft .NET developer platform (.NET) API – Please contact us to discuss your upgrade path
  • WebServices API – Please contact us to discuss your upgrade path
  • Active Template Library (ATL) – This technology is no longer supported, please contact us to discuss your upgrade path.
  • OLE control extension (OCX) – This technology is no longer supported, please contact us to discuss your upgrade path.
  • PHP API - PHP uses OpenSSL for secure communications and therefore depends on the operating system version and OpenSSL library version. Please ensure that TLSv1.2 is supported by your operating system and OpenSSL library

tls

Test environment details

We encourage you to use our pre-prod environment to test your TLSv1.2 upgrade. As of 3rd of April 2018 our pre-prod environment will only support TLSv1.2 SSL protocol.

Please use following domain names for all your REpresentational State Transfer
(REST) calls to our pre-prod environment.

PROD Domains PRE-PROD Domains
Paycorp (PYC)
- merchants.paycorp.com.au
- new-merchants.paycorp.com.au
- vault.paycorp.com.au
- merchants1.paycorp.com.au
- secure.globalpoint.com.au
- test-merchants.paycorp-com-au
Paycorp (PYC)
- webservices.paycorp.com.au
- new-webservices.paycorp.com.au
- test-ws.paycorp.com.au
Bank of New Zealand (BNZ)
www.buylineplus.co.nz
- test-bnz.paycorp.com.au

Please use following endpoints for all your WTS Gateway socket connections.

Paycorp (PYC)
- test-merchants.paycorp.com.au:3006 - PYC Live
- test-merchants.paycorp.com.au:3007 - PYC Test
Bank of New Zealand (BNZ)
- test-bnz.paycorp.com.au:3006 = BNZ Live
- test-bnz.paycorp.com.au:3007 = BNZ Test

tls

I am using the MYOB PayBy (Paycorp) payment page in a browser iframe

If your implementation of the MYOB PayBy (Paycorp) payment page is within an iframe on a browser, the browser determines the TLS version used. All major browsers (Chrome, Firefox, Internet Explorer, Safari and Opera) support TLS v1.2 by default. For more information about TLS browser support click here.


We’ll be adding regular updates to this support page so come back to stay up to date on TLSv1.2.

Last modified date 5th April 2018

Contact us

email

Need further info about MYOB PayBy?

We're here to help. Get in touch and we'll get back to you as soon as we can

Contact us
bubble-chat

Technical support

Our developers can be reached here with any technical questions you have

Contact our tech team