Q: What is a cipher suite?
A: A cipher suite is used to establish a secure connection between you, the merchant, and DIBS the payment service provider. Both the merchant and the payment service provider have a long list of supported cipher suites and in order for the communication to work and both parties must have at least one cipher suite in common.
Q: What is a weak cipher suite?
A: A weak cipher suite is a cipher suite that has been deemed to be insecure due to its encryption strength or have security flaws that could be abused by an attacker.
Q: Why do I have to remove the weak ciphers now?
A: DIBS is continuously working to keep and further secure our services. The removal of weak cipher suites is a continuation of this work.
Q: Which part of the integration does this affect?
A: These changes only affects requests sent to our API and does not affect communication towards our hosted payment window.
Q: What do I as a merchant need to do?
A: The task to validate supported cipher suites and removing the weak ones is a technical task that will require handling by either your IT department or website/webshop service provider. Detailed technical information explaining which cipher suites has to be removed and which cipher suites DIBS will support after February 15 2017 is listed here.
Q: How much work is it to change this?
A: Most merchants already use the approved ciphers or have to make a minor configuration change, but for some it will be a larger task to update their website or webshop to only support secure cipher suites.
Q: How does this affect me as a customer?
A: You will need to remove the weak cipher suites before February 15 2017 in order to get your transactions approved thereafter.
Q: What happens if I, the merchant, does not have time to remove weak ciphers and possibly add new cipher suites?
A: It will not be possible to establish a network connection if you and DIBS do not share common cipher suites this means that transactions will not be processed by DIBS on your behalf.
Q: Why do I only get 60 days notice to solve this issue?
A: New software vulnerabilities are discovered every day and it is not always possible to predict when new software vulnerabilities are discovered. DIBS always work for making sure to provide the highest security possible, which means that we can’t provide a longer deadline in this case.
Q: Which cipher suites are ok to use?
A: Please find the list of supported and not supported cipher suites here: LIST