DT - Important update history

On this page you can see previous important updates that DIBS have done. This is not a version history, but rather a historic collection of important updates.


31/5 - 2018

Change Description
TLSv1.0 and 1.1 final decomission Final decomission of TLSv1.0 and 1.1. All non TLSv1.2 calls are blocked.

 

3/5 - 2018

Change Description
Plain text FTP final decomission Final decomission of plain text FTP, only FTPS on port 21443 is accepted

 

26/2 - 2018

Change Description
DNS is required

DIBS changed from static to dynamic IP, which require merchants to use DNS when sending requests.

DNS:
securedt.dibspayment.com (Primary)
secure.incab.se (Secondary)
paymentreport.debitech.com (FTP)


87.48.72.70 or 87.48.72.74  - outgoing IP's for both primary and secondary


Note: HTTP reports are sent from the new outgoing IP, expect traffic from both old and new IP address during February and March

TLSv1.2 mandatory

Due to PCI DSS compliance, TLS versions prior to TLSv1.2 (unencrypted, TLSv1.0 and TLSv1.1) are no longer be supported and TLSv1.2 is mandatory without exeptions. Merchants are required to check that their systems support TLSv1.2.

To test which TLS versions and ciphers your server supports, there is an external page that can be used:
https://www.ssllabs.com/ssltest/

Important: SSL Labs is an external service provided by Qualys, Inc. DIBS do not take any responsibility for their services and are only providing the link as an example, of an external service that can be used to test the server.
Outdated integration methods will be decommissioned

Merchants using the following methods for transactions should switch to use the webservice API instead.

- DebiTechServer.jar file
Merchants using our DebiTechServer.jar java library will have to switch to use our webservice API instead.

- Refunds through java & com+ server-modules on port 444
Merchants doing refunds through our java & com+ server-modules on port 444 will need to use our webservice API instead. The functionality of doing refunds through port 444 is decommissioned. This change will not affect refunds in the DT Manager web portal.

The servlet will still continue to work, only calls using port 444 will be affected.
Using a certificate will no longer have any use, as it will not be verified on 443.

Documentation about the webservice API is available at https://tech.dibspayment.com/DT/API
Users in API requests

Due to compliance, API request with users other than API users are rejected. API users are created through DIBS Manager (Security > User accounts)

Secure connection to our FTP server

Due to PCI compliance, merchants using FTP on port 21 are required to use the secure FTPS on port 21443. Documentation about the FTP server is available at https://tech.dibspayment.com/DT/Toolbox/ftpreports

Click here to go back to upcoming updates, https://tech.dibspayment.com/dt-security-update