Back in 2021, Melissa underwent the initiative to deprecate TLSv.1.0 and TLSv1.1 from our active and current web services. This was a necessary step to maintain a necessary and compliant security posture and to keep in line with industry standards and expectations.
We did not apply this deprecation to our Legacy or ancillary web services at the time because we knew that many of our users were on older technology and frameworks that may or may not be compliant with TLSv1.2 or TLSv1.3. However, as almost all platforms (ie: Google, Microsoft, Cisco, Apple, and Mozilla to name a few) have fully deprecated TLSv1.0 and TLSv1.1, the technology world has at the same time become more dangerous and attacks more prevalent.
What we are going to do:
We intend to remove support for TLSv1.0 and TLSv1.1 for all of our web services in 2024.
Would my application be affected?
It is difficult to know for sure from our end. The version of TLS supported typically depends on the programing language you are using and the version of that language you are using. TLS 1.2 was introduced in 2008, so if you are using a version of a programming language that has been updated since 2010, you should be ok. Having said that, not all programming languages were quick to adopt the standard.
Which programming language was most affected?
The main culprit we encountered in our deprecation in 2021 was JAVA. If you are using Java 1.6 or earlier (or using an application like WebSphere/Oracle that was built on a very old version of Java), the chances of you being affected are much higher.
Which Melissa Web Services are affected?
If you are using our non-legacy services, you are already on the secure version of TLS. The legacy services that will be affected are have the following domains:
https://xml.melissadata.com
https://ws.melissadata.com
https://addresscheck.melissadata.net
https://email.melissadata.net
https://geocoder.melissadata.net
https://name.melissadata.net
https://phonecheck.melissadata.net
https://streetsearch.melissadata.net
https://rbdi.melissadata.net
https://zipsearch.melissadata.net
https://list.melissadata.net
https://token.melissadata.net
https://creditservice.melissadata.net
https://tokenservice.melissadata.net
https://mdusagelogger.melissadata.net
What should I do if I think I am affected?
Please contact Melissa at tech@melissa.com. We will work with you to figure out the best path forward.