Important Notification Update - LexisNexis® Risk Solutions | TLS 1.2 Security Initiative

Document created by RSA Product Team Employee on Oct 19, 2017Last modified by RSA Link Admin on Sep 18, 2020
Version 4Show Document
  • View in full screen mode

Dear Customer,


RSA wants you to be aware of an update to the TLS 1.2 Security Initiative by LexisNexis® Risk Solutions, the provider of Knowledge Based Authentication.  This LexisNexis® Risk Solutions initiative requires your immediate attention.


LexisNexis® Risk Solutions has informed RSA that all LexisNexis® Risk Solutions customers are required to meet the minimum security protocol of TLS 1.2. 


This LexisNexis® Risk Solutions initiative, which began in early 2017, has adjusted its end date to ensure that all customers are prepared. From February 1, 2018, LexisNexis® Risk Solutions will begin to disable TLS 1.0 and 1.1 ciphers and protocols.  LexisNexis® Risk Solutions has informed RSA that customers who do not meet TLS 1.2 protocol requirements, will no longer be able to access LexisNexis® Risk Solutions systems.


Note: LexisNexis will disable TLS 1.0 and 1.1 in their staging environment on Tuesday, October 24, 2017 at 10:00pm EST, for customers who utilize the LexisNexis® Risk Solutions InstantID Q&A product to test their TLS 1.2 settings.


The Test URL in Scope is:


Note: RSA’s Adaptive Authentication On-Premise supports TLS 1.2 only from version 7.3 P1 onwards. Customers who use LexisNexis® Risk Solutions with Adaptive Authentication On-Premise, who do not use version 7.3 P1 or later, must upgrade their Adaptive Authentication On-premise system to meet LexisNexis® Risk Solutions requirements.  In addition, customers will need to use JAVA 8.


Please work directly with LexisNexis® Risk Solutions on any exception. Without the upgrade (plus JAVA 8) or an exception, API calls to LexisNexis® Risk Solutions will fail after the LexisNexis® Risk Solutions Security Initiative is implemented.


For additional documentation, downloads, and more, visit the RSA Adaptive Authentication page on RSA Link.


EOPS Policy:

RSA has a defined End of Primary Support policy associated with all major versions. Please refer to the Product Version Life Cycle for additional details.