Skip to main content

TLS 1.2 upgrade

What is TLS?

Transport Layer Security (TLS) is a cryptographic protocol used to provide encryption over a network. You may already be familiar with Secure Sockets Layer (SSL), the predecessor to TLS. When you visit a web page and see 'HTTPS' in the URL, that indicates that the web page is sent over an encrypted connection.

Our REST and SOAP APIs use the same methods of encryption. TLS 1.2 is the latest version of TLS and has been around for ~10 years. It's well supported in web browsers and modern operating systems. TLS 1.2 represents the industry benchmark for encryption and will ensure the highest level of security for your data.

What's changed?

In 2018 (contact your local support team for an exact date) we began migrating to TLS 1.2, making it and SFTP the only cryptographic protocols compatible with Experian Data Quality’s hosted products.

This means that connections using SSLv3, TLS 1.0, and TLS 1.1 are no longer provided for our hosted products, including both websites and API calls. In addition, connections using the RC4 cypher suite are no longer supported

What do I need to do?

If you're connecting to one of our SaaS portal websites, you have to use a modern browser with TLS 1.2 support. 

If you're using one of our hosted products, you have to ensure that your environment supports connecting with TLS 1.2.

Compatibility diagram

This diagram illustrates which technologies might require testing, are likely to require a potential reconfiguration, or will most likely need major changes to your integration in order to be compliant with TLS 1.2:



SSL certificates

If your infrastructure requires manually installing SSL certificate chains, we recommend using the SSL Labs Test Tool to show a list of and download the required certificates.

Address Validate SOAP API

What if my connection fails?

Our recommended option: investigate which parts of your environment are causing the connection issue.

Please see the compatibility diagram for details. You may have to upgrade some of the components.

Other options:

  • Implement one of a number of commercial, free or open source proxy forwarding tools. Please note that this will be done at your own risk.
  • Disable the address search until one of the above is implemented.

Address, Phone and Email REST APIs

What if my connection fails?

Our recommended option: investigate which parts of your environment are causing the connection issue.

Please see the compatibility diagram for details. You may have to upgrade some of the components.

Other options:

  • Update the integration from server to client side. Please contact support if you’d like to proceed with this option.
  • Implement one of a number of commercial, free or open source proxy forwarding tools. Please note that this will be done at your own risk.
  • Disable the address/phone/email search until one of the above is implemented.

Capture Application

You have to re-install all Capture Application client instances, replacing them with the latest version which supports TLS 1.2. To get it:
1. Log into the Self Service Portal.
2. Go to Products > Capture Application.
3. Follow the instructions and click Download Capture when ready.

Note that Capture Application has to be run on Windows 7, Windows Server 2008 R2 (or above) to connect using TLS 1.2.

Electronic Updates

For users of the Electronic Updates Windows Client, a new version of Electronic Updates is available for download from updates.qas.com.
If you've got a custom REST API integration or use the sample code, please see the compatibility diagram to ensure that the middleware will work with TLSv1.2.
Where appropriate, we strongly recommend .NET 4.6 or Java 8. For integrations using OpenSSL (e.g. Ruby or Python), use v1.0.1. For Python, v2.7.9 and above or v3.6 and above.

EDQ for Magento

What if my connection fails?

Our recommended option: investigate which parts of your environment are causing the connection issue.

Please see the compatibility diagram for details. You may have to upgrade some of the components.

Other options:

  • Implement one of a number of commercial, free or open source proxy forwarding tools. Please note that this will be done at your own risk.
  • Disable the address search until one of the above is implemented

EDQ for MSCRM

What if my connection fails?

Our recommended option: investigate which parts of your environment are causing the connection issue.

Please see the compatibility diagram for details. You may have to upgrade some of the components.

Other options:

  • Implement one of a number of commercial, free or open source proxy forwarding tools. Please note that this will be done at your own risk.
  • Disable the address search until one of the above is implemented

Email Validate (Legacy)

What if my connection fails?

Our recommended option: investigate which parts of your environment are causing the connection issue.

Please see the compatibility diagram for details. You may have to upgrade some of the components.

Other options:

  • Implement one of a number of commercial, free or open source proxy forwarding tools. Please note that this will be done at your own risk.
  • Disable the email validation until one of the above is implemented

IST Watch / CorrectAddress Web Service

What if my connection fails?

Our recommended option: investigate which parts of your environment are causing the connection issue.

Please see the compatibility diagram for details. You may have to upgrade some of the components.

Other options:

  • Implement one of a number of commercial, free or open source proxy forwarding tools. Please note that this will be done at your own risk.
  • Disable the address search until one of the above is implemented

Prospect IQ

What if my connection fails?

Our recommended option: investigate which parts of your environment are causing the connection issue.

Please see the compatibility diagram for details. You may have to upgrade some of the components.

Other options:

  • Implement one of a number of commercial, free or open source proxy forwarding tools. Please note that this will be done at your own risk.
  • Disable the integration until one of the above is implemented

For further information, see the Prospect IQ user guide or contact support.

Product not listed?

Contact support