Security Vulnerability Updates
  • 08 Oct 2024
  • 1 Minute to read
  • Dark
    Light
  • PDF

Security Vulnerability Updates

  • Dark
    Light
  • PDF

Article summary

OneSpan Sign is committed to protecting the security of our customers' data. Thus we are continuously updating our security requirements for communicating with the service.

Cipher Support

We recently required user platforms that communicate with the service to support strong ciphers for both incoming and outgoing Callback Notifications and SMTP messages. Users running older platforms or browsers may not be able to communicate with the service, including the application's API. Should you experience any issues, upgrade your integration framework to use strong ciphers.

Instead of configuring to allow specific ciphers, most servers are normally configured to accept only “HIGH” (strong) ciphers. With that configuration, if a cipher gets compromised, it is simply removed from the list when the server is updated.

Requiring strong ciphers will ensure that we support only TLS 1.1 and 1.2 high-encryption ciphers, including EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH:

For more information, contact your IT security department, or contact our Support Team.

More information about minimum security requirements is available here.


Was this article helpful?

Changing your password will log you out immediately. Use the new password to log back in.
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.
ESC

Ozzy, our interactive help assistant