AtData logo AtData logo
Navigation
AtData logo
AtData logo AtData logo

Deprecating TLSv1.0 and TLSv1.1

Feb 25, 2021   |   2 min read

Knowledge Center  ❯   Blog

In order to strengthen the security of our API platform, we are discontinuing support for Transport Layer Security (TLS) 1.0 and TLS 1.1 on the TowerData API on April 6, 2021.

Google, Microsoft, Cisco, Apple, and Mozilla have already ended browser support of TLS 1.0 and 1.1 as of March 2020. TowerData has carefully reviewed this upgrade to its TLS standards in line with the industry best practices and proposed deprecation by the Internet Engineering Task Force (IETF). TowerData’s client portal (https://instantdata.towerdata.com) already has this update in place.

Please ensure that you are using TLSv1.2 and above to avoid any disruption in your access to the TowerData API. This change will affect all connections to the following endpoints:

We’ll be performing this update on April 6, 2021.

In all likelihood, your systems are already up-to-date and using TLS 1.2.

Linux:

$ openssl ciphers -v | grep TLSv1.2

ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH Au=RSA Enc=AESGCM(128) Mac=AEAD

The output should show TLSv1.2 ciphers with at least one overlap with the list of supported ciphers below. If not, you’ll need to upgrade to a newer version of OpenSSL (v1.0.1 or later).

See: https://www.openssl.org/

Windows:

If you’re running Server 2008 or 2012, TLS 1.2 support was not available by default, so you’ll want to make sure you have the relevant updates installed in order to support TLS 1.2. If you’re running Server 2012 R2, 2016, or newer, TLS 1.2 should already be installed and default.

See: https://support.microsoft.com/en-us/help/3140245/update-to-enable-tls-1-1-and-tls-1-2-as-default-secure-protocols-in-wi

Testing:

You may test your system’s ability to connect via TLS 1.2 with this endpoint: https://testtls.towerdata.com

This test site is not a functioning API. It will return an empty JSON string (“{}”) for all requests. It is not running on the same platform as our production API, but it is using an identical cipher suite. So it should only be used for testing your system’s ability to connect via TLS 1.2.

$ curl https://testtls.towerdata.com/

{}

Supported ciphers:

ECDHE-ECDSA-AES128-GCM-SHA256

ECDHE-RSA-AES128-GCM-SHA256

ECDHE-ECDSA-AES128-SHA256

ECDHE-RSA-AES128-SHA256

ECDHE-ECDSA-AES128-SHA

ECDHE-RSA-AES128-SHA

ECDHE-ECDSA-AES256-GCM-SHA384

ECDHE-RSA-AES256-GCM-SHA384

ECDHE-ECDSA-AES256-SHA384

ECDHE-RSA-AES256-SHA384

ECDHE-RSA-AES256-SHA

ECDHE-ECDSA-AES256-SHA

AES128-GCM-SHA256

AES128-SHA256

AES128-SHA

AES256-GCM-SHA384

AES256-SHA256

AES256-SHA

Please contact [email protected] (646-742-1771 x3) with any questions.

References:

https://tools.ietf.org/id/draft-ietf-tls-oldversions-deprecate-06.html

https://security.googleblog.com/2018/10/modernizing-transport-security.html

https://docs.microsoft.com/en-us/office365/troubleshoot/o365-security/tls-1-2-in-office-365-gcc

https://support.umbrella.com/hc/en-us/articles/360033350851-End-of-Life-for-TLS-1-0-1-1-

AtData Selected as a Finalist in FinTech Futures’ Banking Tech Awards

AtData has been named a finalist in this prestigious award program which recognizes AtData's commitment to safeguarding digital assets and promoting trust in the rapidly evolving financial landscape.
Press Releases
Email as the Core of Digital Identity: The AtData Story

Have you ever considered how central your email address is to your digital life? This is at the heart of AtData’s journey of innovation and transformation spanning over two decades focused on the email in digital identity.
Blog
Discussing Fraud Detection and Prevention with FinTech Futures

AtData sat down with FinTech Futures at Fintech Meetup in Las Vegas to discuss how financial services can strengthen fraud prevention strategies utilizing email address intelligence.
Interviews   Videos

Talk with an Email Expert