Due to changes in the encryption and credit card industries over the past year, older web browsers are being left behind in supporting the latest security requirements. For those of you who happen to be still be on Microsoft Windows XP or Vista and are using Internet Explorer, this means that your access to the secure web is being phased out.
Windows XP only provides up to Internet Explorer 8 (IE8). Windows Vista only provides up to Internet Explorer 9 (IE9). In both cases, these browsers do NOT support the encryption level REQUIRED for proper credit card information protection. The older protocols they do support (known as SSLv3 & TLS 1.0) have been “cracked”, meaning that continuing to use them is insecure and leaves users vulnerable to their private information being decrypted and stolen.
To stay compliant with credit card industry requirements (also known as “PCI compliance”), we must disable these compromised protocols, leaving only those that are stronger and still secure (such as TLS 1.1 and TLS 1.2). This means that visiting secure sites with Internet Explorer on Windows XP or Vista is increasingly likely to simply come up with an error because they don’t have the ability to use this newer encryption.
As of November 2015, your best option if you are still using Windows XP or Vista is to use an alternative browser such as Google Chrome or Mozilla’s Firefox. However, Windows XP is no longer supported by Microsoft and now has KNOWN vulnerabilities. Google has indicated that they will end support for Chrome on Windows XP by the end of 2015. Mozilla doesn’t have a stated end-of-support date as of this post, but the end is likely to come in the near future.
If you are on Windows XP, we STRONGLY urge you to retire it now and move to a new Windows operating system to protect your home or business PC from being compromised. If you are using Windows Vista, you will have Microsoft security support via Windows Update until April 11, 2017. Using Chrome or Firefox on that operating system will extend your access to modern secure web sites until then.