Enable TLS 1.2 - What you need to know:

What are the types of connections/authentication that will be affected by the TLS 1 / 1.1 disable change?Only FTPS and HTTPS are impacted by external users.SFTP/SSH is not in scope.

What type of errors will the clients get if affected? Browser will return the message below or similar message depending on browser used:

Secure Connection Failed

The connection to sta.experian.com was interrupted while the page was loading.

The page you are trying to view cannot be shown because the authenticity of the received data could not be verified. Please contact the website owners to inform them of this problem.

Learn more…

It looks like your network security settings might be causing this. Do you want the default settings to be restored?

Report errors like this to help Mozilla identify and block malicious sites

To fix, refer to setting steps in Browser Guide

How do I diagnose and resolve browser issues with HTTPS/TLS?Refer to setting steps in Browser Guide

How do I diagnose and resolve FTP client issues with FTPS/TLS?Refer to setting steps in FTP Client Software Guide

www.experian.com© 2017 Experian Information Solutions, Inc. All rights reserved.

FTP Client Software Guide

FTP CLIENT SOFTWARE TLS 1.2 Compatibility Notes

Ipswitch Use FTP/SSL (AUTHSSL), under Advanced SSL, all other check boxes should be unchecked

Filezilla Use OPTION “explicit FTP over TLS if available”

Winscp Go to Settings and check TLS/SSL Explicit encryption, then under Advanced choose TLS/SSL Maximum

TLS/SSL VERSION: TLS 1.2

CuteFTP NOT COMPATIBLE IN ANY VERSION

Emergency Work Around: post using HTTPs, we can offer Axway Secure Client (free of charge)

CoreFTP LE FTP (SSL DIRECT) is not compatible.

Use FTP (AUTH SSL) OR FTP (AUTH TLS) with SSL Listings, SSL Transfer, Clear (CCC) checked.

Also, check Windows SSL or Open SSL depending on environment.

MoveIt Central Must have version 9.0+ for TLS1.2. Anything lower will require upgrade to minimum of 9.0

What ciphers are available? Cipher suites for client initiated transfers using FTPS ‐and HTTPS:

TLS_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_3DES_EDE_CBC_SHA

www.experian.com© 2017 Experian Information Solutions, Inc. All rights reserved.

Browser Guide The following table lists the most common internet browsers.  The table lists each browser with the compatibility of TLS 1.2 for recent versions.

Browser TLS 1.2 Compatibility Notes

Microsoft Edge Compatible by Default

Desktop and mobile versions Compatible by Default

Microsoft Internet Explorer (IE) Varies by IE version and Windows OS version

Desktop and mobile IE version 11 Compatible by Default

Desktop IE versions 8, 9 and 10 Capable when run in Windows 7 or newer, but not by default. Windows Vista and older operating systems such as Windows XP are not compatible with TLS 1.2 encryption.

To enable TLS 1.2 on Internet Explorer:1. Open Internet Explorer.2. Select Tools > Internet Options.3. Select the Advanced tab.4. Scroll to the Security section.5. Check the Use TLS 1.2 checkbox to use strict encryption.6. Click OK.

Desktop IE versions 7 and below Not compatible or stable with TLS 1.2 encryption

Mozilla Firefox Compatible with the most recent, stable version, regardless of operating system

Firefox 27 and higher Compatible by Default

Firefox 24 to 26 Compatible but not by Default

Firefox 23 and below Not compatible with TLS 1.2 or higher encryption

Google Chrome CCompatible with the most recent, stable version, regardless of operating system

Google Chrome 38 and higher Compatible by Default

Google Chrome 22 to 37 Capable when run in Windows XP SP3, Vista, or newer (desktop), OS X 10.6 (Snow Leopard) or

www.experian.com© 2017 Experian Information Solutions, Inc. All rights reserved.

newer (desktop), or Android 2.3 (Gingerbread) or newer (mobile)

Google Chrome 21 and below Not Compatible with TLS 1.2 encryption

Google Android OS Browser

Android 6.0 (Marshmallow) and higher Compatible by Default

Android 5.0 (Lollipop) and higher Compatible by Default

Android 4.4 (KitKat) to 4.4.4 Compatible but not by Default

Android 4.3 (Jelly Bean) and below Not compatible with TLS 1.3 encryption

Apple Safari

Desktop Safari version 7 and higher for OS X 10.9 (Mavericks) and higher

Compatible by Default

Desktop Safari versions 6 and below for OS X 10.8 (Mountain Lion) and below

Not compatible with TLS 1.2 encryption

Mobile Safari version 5 and higher for iOS 5 and higher

Compatible by Default

Mobile Safari for iOS 4 and below Not compatible with TLS 1.2 encryption

www.experian.com© 2017 Experian Information Solutions, Inc. All rights reserved.

To update TLS settings in the following browsers, see below:

Microsoft Internet Explorer

1. Open Internet Explorer.2. From the menu bar, click Tools > Internet Options > Advanced tab.3. Scroll down to Security category, manually check the option box for Use TLS 1.1 and

Use TLS 1.2.4. Click OK.5. Close your browser and restart Internet Explorer.

Google Chrome

1. Open Google Chrome.2. Click Alt F and select Settings.3. Scroll down and select Show advanced settings...4. Scroll down to the Network section and click on Change proxy settings...5. Select the Advanced tab.6. Scroll down to Security category, manually check the option box for Use TLS 1.1 and

Use TLS 1.2.7. Click OK.

Firefox 43 supports TLS 1.0, 1.1, and 1.2 by default. You shouldn't need to make any changes, but you can double-check the settings here if you like:

(1) In a new tab, type or paste about:config in the address bar and press Enter/Return. Click the button promising to be careful.

(2) In the search box above the list, type or paste TLS and pause while the list is filtered

(3) If the security.tls.version.max preference is bolded and "user set" to a value other than 3, right-click > Reset the preference to restore the default value of 3

(4) If the security.tls.version.min preference is bolded and "user set" to a value other than 1, right-click > Reset the preference to restore the default value of 1

The values for these preferences mean:

1 => TLS 1.0 2 => TLS 1.1 3 => TLS 1.2

www.experian.com© 2017 Experian Information Solutions, Inc. All rights reserved.

Opera

1. Open Opera.2. Click Ctrl plus F12.3. Scroll down to the Network section and click on Change proxy settings...4. Select the Advanced tab.5. Scroll down to Security category, manually check the option box for Use TLS 1.1 and

Use TLS 1.2.6. Click OK.7. Close your browser and restart Opera.

Apple Safari

If you are using Safari version 7 or greater, TLS 1.1 and TLS 1.2 are automatically enabled.

End of Document

www.experian.com© 2017 Experian Information Solutions, Inc. All rights reserved.