Payment Card Industry (PCI) requires Transport Layer Security (TLS) 1.1 or 1.2 in order to be in compliance when processing credit card transactions.
In accordance with these guidelines, Paya (formerly Sage Payment Solutions) will be turning off communication to services using TLS 1.0 on June 25, 2018 so as to meet the PCI Security Standard Councils mandated deadline of June 30, 2018. What this means for Sage 100 Users processing credit cards is Sage Exchange Desktop (SED) 1.0 will no longer function as of 6/25/18. Please locate your version of Sage 100 below to determine how this will affect you.
Sage 100 2017 and Sage 100 2018 versions
These versions of Sage 100 utilize SED 2.0 to process credit cards via the vault. SED 2.0 adheres to the TLS 1.1 & 1.2 protocols. Users should ensure they are on the most recent version of 2.0, but no additional action is required.
Sage 100 2015 and Sage 100 2016 versions
These versions of Sage 100 natively utilize SED 1.0 to process credit cards via the vault. If you are running these versions you will need to uninstall SED 1.0 and install 2.0 by 6/25/18 to continue processing credit cards within Sage 100. Please note Sage has released a hot fix which will also need to be loaded in order to make these versions compatible with 2.0.
Sage 100 2013 and Sage 100 2014 versions
These versions of Sage 100 natively utilize SED 1.0 to process credit cards via the vault. Unfortunately, as these versions of Sage 100 are no longer supported a hot fix has not been released to make them compatible with SED 2.0. As such users on these versions will no longer be able to process credit cards from within Sage as of 6/25/18. Instead if they wish to continue processing they will have to run the transactions directly through Paya’s terminal and then record the transaction in Sage 100. To continue processing from within Sage users should upgrade to v2015 or higher.
MAS 90/100 versions 4.1 to 4.5
These versions of Sage allow for credit card processing but do so without the use of the vault. As such they utilize Paya’s legacy API’s instead of SED. These legacy API’s will continue to be supported by Paya and should allow users to continue to process credit cards from within Sage after 6/25/18. However, these versions are no longer supported by Sage and therefore there is no guarantee how long processing will continue to work and additional action should be taken to ensure systems are compliant with the TLS 1.1 & 1.2 protocols. For information on enabling these protocols visit https://support.microsoft.com/en-us/help/3140245/update-to-enable-tls-1-1-and-tls-1-2-as-a-default-secure-protocols-in. The best way to ensure compatibility and compliance is to upgrade to v2015 or higher.
Please visit the below links for additional information and guidance regarding the information above.