TLS 1.0 & 1.1 Deprecation for Melissa Web Services

Melissa will be deprecating and disabling Transport Layer Security (TLS) 1.0 and 1.1 for our web services. We will require that all applications that use our web services be able to establish a connection using TLS 1.2 or higher.

Why are you deprecating TLS 1.0 & 1.1?

TLS 1.0 and 1.1 are no longer considered to be secure. They do not support modern cryptographic algorithms and is proven to be vulnerable to exploits. Most major technology companies have either already deprecated TLS 1.0 and 1.1 or have committed to do so in 2020. These companies include Apple, Microsoft, Google, Mozilla, and Cisco. With this deprecation, clients will need to use TLS 1.2 which was introduced over a decade ago in 2008.

Security of our client data is a top priority here at Melissa. To that end, we undergo consistent security reviews and audits of our organization and services. In order to stay current with industry standards for privacy and security in our audits, we must close vulnerabilities like TLS 1.0 and 1.1.

What is the deprecation timeline?

We will be updating our services to disable TLS 1.0 and 1.1 the week of January 25th, 2021. Please make sure your application is compatible with TLS 1.2 before this date.

What will happen if I cannot connect using TLS 1.2 by the deadline?

If your application is unable to connect to our service using TLS 1.2 when we disable TLS 1.0 and 1.1, the connection will be rejected and you will not be able to connect to or use our web service.

What about TLS 1.3?

Adding support for TLS 1.3 is a top priority that we are working on as we speak. Rest assured, if your application supports TLS 1.3, it will also support TLS 1.2. When TLS 1.3 is available, your application will likely automatically migrate to the more secure protocol.

What about HTTP?

For some of these services, we have also made unencrypted HTTP version available in order to allow older technologies to access them. However, we will be requiring everyone use secure HTTPS in order to ensure security of your data.

What Melissa Services are affected?

Personator Consumer (https://personator.melissadata.net)
Personator Identity (https://globalpersonator.melissadata.net)
Personator Search (https://personatorsearch.melissadata.net)
Global Address (https://address.melissadata.net)
Global Express Entry (https://expressentry.melissadata.net)
Global Email (https://globalemail.melissadata.net)
Global Name (https://globalname.melissadata.net)
Global Phone (https://globalphone.melissadata.net)
Street Route (https://streetroute.melissadata.net)
IPLocator (https://globalip.melissadata.net)
BusinessCoder (https://businesscoder.melissadata.net)
Property V4 (https://property.melissadata.net)
Smartmover US (https://smartmover.melissadata.net)
Smartmover CA (https://smartmovercanada.melissadata.net)
ReverseGeo (https://reversegeo.melissadata.net)

How can I test if my application will work with TLS 1.2?

We have created a TLS 1.2 only version for all of the services that we host. To access this version, simply add the text “tlstest” to the first part of the domain preceding “.melissadata.net”. For example:

Regular Personator URL for XML/JSON: https://personator.melissadata.net/v3/WEB/ContactVerify/doContactVerify
TLS 1.2 Test URL: https://personatortlstest.melissadata.net/v3/WEB/ContactVerify/doContactVerify

Regular Global Address URL for SOAP: https://address.melissadata.net/v3/SOAP/GlobalAddress
TLS 1.2 Test URL: https://addresstlstest.melissadata.net/v3/SOAP/GlobalAddress

Note: These are two examples. The “TLSTest” version exists for all of our services.

Additional Information on Technologies & TLS 1.2

.NET

TLS 1.2 is supported in .NET framework 4.5 or higher. It can be enabled via registry or in code. For more information, please visit the Microsoft page: https://docs.microsoft.com/en-us/dotnet/framework/network-programming/tls

Java

TLS 1.2 is supported in JDK 7 (but not default) and default in JDK 8. For more information, please visit: https://blogs.oracle.com/java-platform-group/jdk-8-will-use-tls-12-as-default

Python

Python support has been a bit complicated as they had different versions of OpenSSL. Python has supported TLS 1.2 since version 3.2 and 2.7.9. Please see their official documentation here for more information: https://docs.python.org/3/library/ssl.html

Ruby

TLS 1.2 is supported in Ruby 2.0 and higher.

SSIS

Currently the Melissa components do not connect using TLS 1.2 out of the box. Please see this page for how to configure your machine as a work-around: http://wiki.melissadata.com/index.php?title=FAQ%3ASSIS%3AEnforce_TLS_1.2

We are currently working on natively integrating TLS 1.2 with DQC Components for SSIS and future releases with support for TLS 1.2 will be announced on http://wiki.melissadata.com/index.php?title=SSIS%3AData_Quality_Components

Additional Questions?

Please contact us with any additional questions or concerns.

http://wiki.melissadata.com/index.php?title=Tech_Support

Leave a Reply

Your email address will not be published. Required fields are marked *