Important Notification  - LexisNexis® Risk Solutions | TLS 1.2 Security Initiative

Document created by Kimberley Heath Employee on Sep 21, 2017Last modified by Kimberley Heath Employee on Sep 21, 2017
Version 2Show Document
  • View in full screen mode

Dear Customer,

 

RSA wants you to be aware of an initiative by LexisNexis® Risk Solutions, the provider of Knowledge Based Authentication.  This LexisNexis® Risk Solutions initiative requires your immediate attention.

 

LexisNexis® Risk Solutions has informed RSA that all LexisNexis® Risk Solutions customers are required to meet the minimum security protocol of TLS 1.2.   LexisNexis® Risk Solutions is working towards an end-of-Q3 2017 timeframe to disable all support for TLS 1.0 and 1.1.

 

LexisNexis®  Risk Solutions has also informed RSA that customers who do not meet TLS 1.2 protocol requirements, will no longer be able to access LexisNexis® Risk Solutions systems.

 

Note: RSA’s Adaptive Authentication On-Premise supports TLS 1.2 only from version 7.3 P1 onwards. Customers who use LexisNexis® Risk Solutions with Adaptive Authentication On-Premise, who do not use version 7.3 P1 or later, must upgrade their Adaptive Authentication On-premise system to meet LexisNexis® Risk Solutions requirements.  In addition, customers will need to use JAVA 8.

 

Please work directly with LexisNexis® Risk Solutions on any exception. Without the upgrade (plus JAVA 8) or an exception, API calls to LexisNexis® Risk Solutions will fail after the LexisNexis® Risk Solutions Security Initiative is implemented.

 

For additional documentation, downloads, and more, visit the RSA Adaptive Authentication page on RSA Link.

 

EOPS Policy:

RSA has a defined End of Primary Support policy associated with all major versions. Please refer to the Product Version Life Cycle for additional details.

Attachments

    Outcomes