In order to keep you up to date with the latest industry changes, here are a few FAQs about the recent security update.
In the coming months all payment providers are required to upgrade their systems to only allow SHA-2 in order to order to increase their security and keep pace with industry standards. Opayo will be making these changes along with other providers.
SHA is otherwise known as "Secure Hash Algorithm" and is the method used during the validation of a websites security certificate. Up until now SHA-1 has been the accepted method of doing this. Developed back in 1995 SHA-1 has been the preferred method of validation. This is also the method that is used by our current security certificate. Now due to the major web browsers withdrawing support for SHA-1 it is being phased out.
SHA-256 or SHA-2 as it is known is the newer more secure version of the algorithm and the preferred method for all security certificates. Over the coming months all browsers will phase out SHA-1 and replace this with SHA-2 (SHA-256). To address this issue, Opayo (along with the majority of other payment gateways and online banking web sites) are updating web certificates for all payment pages and forms.