Yesterday, I received this notice from CyberSource about an end of Life of older APIs and/or an older Encryption Keys system?
In our case, we are running a customized version of AbleC's CyberSource integration as of Gold R9, due to needing to separate tokenization from authorization and captures and other aspects like that. Because the AbleC standard was still using the SOAP API, the customization stayed with that as the baseline instead of using any of the newer versions.
We went live with AbleC in early 2017, and I think I understand this enough that we should be ok (knocks on wood) that we will be ok with the Encryption key part. However, since it's also referring to a broader end of life support for the older SDKs, that raises a little flag that maybe we need to be concerned about this? (I admit not 100% clear about that though.)
- Is the SOAP API still in use as far as the last version of Gold (R12)?
- Would this message mean that AbleC would or might need to update the SDK used for version 9 if not also for some/any level of the Gold version?
- AbleC has been around long enough that this can't be the first time any integration API has reached an end of life. What has been the approach when these situations have come up before?
As part of our commitment to maintaining the highest level of security for transactional and customer data, CyberSource is announcing the End-of-Life of several of our older Software Development Kit (SDK) versions. Many Simple Order and SCMP SDK versions created before mid-2016 will see Support being ended as currently-in-place API encryption keys meet their expiration dates.
If you are currently processing transactions on a CyberSource SDK older than 3 years of age, we strongly advise you login to the New Enterprise Business Center's Key Management module to create an encryption key for your SDK version and test out transaction-processing compatibility with your current systems:
https://ebc.cybersource.com/ebc2/app/Pa ... Management
Note: Please note that tests run using keys from the 'legacy' Enterprise Business Center will not be valid, as those keys use legacy protocols no longer supported, and will die off in coming months.
Upon testing key compatibility, if you find your SDK version does not support use of New EBC-generated keys - you will need to take steps to evaluate and move to a new Connection Method in the coming few months. A list of current Connection Methods and versions can be found here:
https://www.cybersource.com/developers/ ... thods.html
CyberSource will end the ability to create 'legacy' encryption keys for these clients on or near February 15th, 2020. At that time, neither customers nor CyberSource internal personnel will be able to generate new encryption keys for these legacy clients.
Transaction processing on currently-active legacy keys will not cease on February 15th, but any customers continuing to use legacy keys for processing will be on a single point of failure should those keys be compromised or corrupted in any way as no replacements keys can be generated.
Please contact CyberSource Client Services for any questions about this change.
CyberSource Client Services