Merchant Information Media

2016 Security Updates

In 2016, you may need to do an update to your terminal and/or browser. This should be easy and we can rapidly walk you through what needs to be done. The updates need to get done by October 1, 2016. Here is a description of what is happening and why.

The first security update pertains to most merchants. The change is to the security certificate used to verify you are who you say you are when you send Internet communications. The update is from SHA 13 to SHA 2. Why is this happening? Because unfortunately, hackers and criminals have broken SHA 1. SHA 2 has been released to handle that. This guideline tells you what you need to do based on how you are set up to take payments.

UMS Banking Payment Button


Microsoft Edge

The second security update is to your Internet browser. When browsers send and receive data, when the URL has an ‘s’ at the end of the “http” making it “https”, they are sending it securely, meaning they scramble the data so that no one else can intercept and read it.

They use something called the TLS3 protocol to do this. If you regularly update your browser version, you are probably already using a version which supports TLS Version 1.24. Below is a list of browsers that support TLS Version 1.2.

  • Google Chrome Version 30 and higher
  • Google Android 5.0 and higher
  • Firefox Version 27 and higher
  • Microsoft Internet Explorer and Internet Explorer Mobile Version 11 and higher
  • Microsoft Edge (Windows 10)
  • Opera Version 12 and higher
  • Apple® Safari Version 5 and higher

At some point before October, you will want to verify that you’re using an updated version of your preferred Internet browser. The card brands (Visa®, MasterCard®, Discover®, AMEX®, etc.) have mandated these changes so that card numbers don’t get stolen when that data is travelling through the Internet. These need to be done in order to continue processing cards.

MasterCard Changes

Also in October, MasterCard is introducing a new series of Bank Identification Numbers (BINs)5. What that means is that some MasterCard cards will now start with a “2” instead of the usual ‘5’. In order to be sure that you can process these cards, Customer Service will need to update you.

Summary

These changes will help protect your security and allow you to process all the cards that customers want to use. So stay tuned for a call from your Customer Service Rep contacting you to make these changes.


1 A protocol is a set of rules between two communication points for the relay of digital information.
2 SHA stands for Secure Hash Algorithm. It is basically a formula (algorithm) that scrambles (encrypts) data sent from one place to another.
3 TLS stands for Transport Layer Security
4 For more information, go to https://en.wikipedia.org/wiki/Template:TLS/SSL_support_history_of_web_browsers.
5 BIN stands for Bank Identification Number, and is the first four to six digits of a credit card. The bank identification number identifies the financial institution issuing the card. It is critical to the correct matching of transactions to the issuer of the charge card. The first number in the series designates which card “brand” is being used: 2 (new) and 5 = Mastercard; 3 = American Express; 4 = Visa; 6 = Discover.

Merchant Resources

Welcome and congratulations on obtaining your new merchant bankcard processing account. Your credit card processing services will be provided by UMS Banking (United Merchant Services of California, Inc.) and powered by the authorization processing of Global Payments Direct, Inc. Together, our goal is to ensure that you have all the information necessary to help your business grow. We encourage you to study both the Card Acceptance Guidelines, provided for you on this page, as well as the Card Services Terms & Conditions.

Merchant Regulatory Requirements

Click here for regulatory issues you need to be aware of.


Frequently Asked Questions

If you have a problem or question not answered on this page, please contact Help Desk Support