Security Protocol – think of it as the language a client (customer web browser) and server (Birkman Direct, Store, etc...) negotiate to communicate in. We all speak the English language, which we have previously negotiated to communicate in, but if someone chooses to speak in German, and you don't know it, then you can't communicate.
The historical order of security protocols used on the internet have been:
1. SSL version 1.0 (never publicly released)
2. SSL version 2.0 (introduced 1995, deprecated 2011)
3. SSL version 3.0 (introduced 1996, broken in 2014)
4. TLS version 1.0 (introduced January 1999, deprecated June 2018)
5. TLS version 1.1 (introduced April 2006, recommended for deprecation June 2018)
6. TLS version 1.2 (introduced August 2008, current)
7. TLS version 1.3 (introduced January 2018, current)
Important dates to know:
1. *February 28 – Authorize.net requires all connections to use TLS 1.2
a. Affected: People paying invoices online who haven't upgraded their web browser and/or system.
2. March 15 – Chrome Beta – invalidate certificates
a. Affected: only beta users of Chrome Beta. Further investigation has found that Firefox *may* mirror Chrome's release dates, but no hard reference has been found
3. April 20 – Chrome – invalidate certificates
a. Affected: all users using Chrome, and possibly Firefox 4. May – Firefox – invalidate certificates (https://wiki.mozilla.org/CA:Symantec_Issues). Note, this is the only officially published date found for Firefox, and is written as if it is a comment.
5. *June 30 – PCI compliance required date