Experian and TransUnion will no longer to use SSL 3.0

Both Experian and TransUnion have decided to no longer support SSL 3.0 encryption when connecting to them over HTTPS (the secure connection that Easy Access uses). Experian’s deadline for their production site is February 6th, 2015 and TransUnion’s deadline is March 31st, 2015. All the connectivity using HTTPS for both bureaus must use TLS Version 1.0 or higher. It is probably just a matter of time until Equifax follows suit.

Each bureau’s test sites have been forcing TLS for the last couple of months. The HTTPS component that has been used in Easy Access Online (all versions) automatically switches to TLS when connecting. So, no changes had to be made in Easy Access to support TLS.

While the HTTPS component does automatically change to TLS, and in all of our testing to the bureau’s individual test sites have been positive, I want to make sure that there isn’t a problem as the bureaus switch over. So in the next week or two, I will be releasing an update to Easy Access. This update will include additional code that will FORCE TLS if by chance Easy Access receives an error while connecting. While this probably is not necessary, I want to make sure that no one has any downtime.

If you would like to be notified when this update is available, visit the Contact Page on our website. On the left side of that page, there is a ‘Get Notified’ box. Submit your email and you will be notified by email when the update, or any update for that matter, is available.