© 2017 First Data Corporation. All Rights Reserved.

TLS 1.2 Terminal/Datawire Update

TLS 1.2 Defined

• The National Institute of Standards and Technology (NIST) identified SSL (Secure Socket Layer) and

earlier versions of TLS (Transport Layer Security, the successor protocol to SSL) as weak secure

network communication protocols that are not acceptable for the protection of data.

• Upgrading to a current, more secure version of TLS is the only known way to remediate these

vulnerabilities.

• In addition, the PCI Security Standards Council set a deadline of June 30, 2018 for migrating from

SSL and early versions of TLS.

• All POS Software/Terminals, Gateways, APIs and NAMS that fail to upgrade may not continue to

process transactions via Datawire Secure Transport (Datawire).

Noted around Impacts

• As with SHA-256, terminals processing via Apriva are not impacted by TLS 1.2.

Datawire will be updated for TLS 1.2 on 2/15/18

0

© 2017 First Data Corporation. All Rights Reserved.

Class A Terminals that are TLS 1.2 Ready/Capable

Vendor Model Application Platform Peripheral Needed First Data FD50Ti 751UN100 Nashville FD-35

First Data FD50Ti UN100 Omaha FD-35

First Data FD100Ti 751UN100 Nashville FD-35

First Data FD100Ti Un100 Omaha FD-35

First Data FD100Ti F1UATL01 Buypass FD-35

First Data FD100Ti Wi-Fi 751UN100 Nashville FD-35

First Data FD100Ti Wi-Fi UN100 Omaha FD-35

First Data FD100Ti Wi-Fi F1UATL01 Buypass FD-35

First Data FD200Ti 751UN100 Nashville FD-35

First Data FD200Ti UN100 Omaha FD-35

First Data FD200Ti F1UATL01 Buypass FD-35

First Data FD200Ti Wi-Fi 751UN100 Nashville FD-35

First Data FD200Ti Wi-Fi UN100 Omaha FD-35

First Data FD200Ti Wi-Fi F1UATL01 Buypass FD-35

First Data FD130 751UN130 Nashville N/A

First Data FD130 760FD130 Nashville N/A

First Data FD130 UN130 Omaha N/A

First Data FD130 F3UATL01 Buypass N/A

First Data FD130 Duo 751UN130 Nashville FD-35

First Data FD130 Duo UN130 Omaha FD-35

First Data FD130 Duo F3UATL01 Buypass FD-35

First Data FD130 Duo 760FD130 Nashville FD-35

First Data FD410 751UN410 Nashville N/A

First Data FD400GT GPRS 751UN400 Nashville N/A

First Data FD400GT CDMA 751UN400 Nashville N/A

First Data First Data Retail pcAmerica CRE Nashville PAX S300

First Data First Data Restaurant Dinerware Nashville PAX S300

Verifone Vx520 750FDPOSVX Nashville N/A

Verifone Vx520 XEAC413D Buypass N/A

Verifone Vx520 BY070107 Buypass N/A

1

© 2017 First Data Corporation. All Rights Reserved.

Class A Terminals that are TLS 1.2 Ready/Capable

but NOT Available for New Sales/Swaps

• Terminals below DO meet the requirements for TLS 1.2 however, as a part of our lifecycle process,

they have been moved to a "Remove From Field" status.

• While these terminals will continue to process after the TLS 1.2 deadline, merchants should still move

to an EMV readily available solution as soon as possible.

2

Vendor Model Application Platform Lifecycle

First Data FD400 CDMA

FD400 GPRS 750FD400 Nashville Remove From Field

First Data FD400Ti CDMA 750FD400CD Nashville Remove From Field

First Data FD400Ti GPRS 750FD400 Nashville Remove From Field

© 2017 First Data Corporation. All Rights Reserved.

Class B/B+ Terminals that are TLS 1.2 Ready/Capable

3

Vendor Model Application Platform Peripheral Needed Class

Verifone Vx520 XEFB450A Omaha Vx805 (optional) B+

Ingenico iCT220 FDC200 Omaha N/A B+

Ingenico iCT220CL FDC200 Omaha N/A B+

Ingenico iCT250 FDC200 Omaha N/A B+

Ingenico iWL220 FDC200 Omaha N/A B+

Ingenico iWL222 FDC200 Omaha N/A B+

Ingenico iWL250 FDC200 Omaha N/A B+

Ingenico iWL252 FDC200 Omaha N/A B+

Ingenico iWL255 GPRS FDC200 Omaha N/A B+

Apriva Vx680 SoftPay v5.0 Omaha N/A B+

Apriva iWL220, iWL250

iCT220, iCT250 Telium2 v2.0 Omaha N/A B+

PAX S80 BroadPOS Version - V1.00 Omaha N/A B+

PAX S90 BroadPOS Version - V1.01 Omaha N/A B

Equinox Apollo AiO Voyager 2.0 Omaha N/A B

Equinox Apollo CFD Voyager 2.0 Omaha N/A B

Exadigm NX1200 08.014.XXX Omaha N/A B

Exadigm NX1200 08.011.XXX Nashville N/A B

Exadigm NX2200 08.014.XXX Omaha N/A B

Exadigm NX2200 08.011.XXX Nashville N/A B

Dejavoo V5, V8, V8+, V9, V9+ DvCreditApp Version - 01.20 Omaha N/A B

Dejavoo Z1, Z3, Z6, Z8, Z9 and Z11 DvCreditApp Version - 01.21 Omaha N/A B

© 2017 First Data Corporation. All Rights Reserved.

Class A Terminals that are NOT TLS 1.2 Ready/Capable

• The terminals below do NOT (and will not be updated to) meet the requirements for TLS 1.2.

• This list is not intended to be "complete" but does represent terminals recently moved to No Download, No Help Desk or

Remove From Field that might still be in use by our merchant base.

• However, ANY terminal not on the TLS 1.2 certified Class A or Class B list should be considered as non-compliant.

• As a reminder, TLS 1.2 ONLY impacts terminals that process via IP through Datawire. Terminals that are connecting into a

First Data platform via dial are not impacted.

4

Vendor Model Application Platform Lifecycle

First Data FD50 751UN100 Nashville No Download

First Data FD50 UN100 Omaha No Download

First Data FD100 751UN100 Nashville No Download

First Data FD100 Un100 Omaha No Download

First Data FD100 F1ATL49 Buypass No Download

First Data FD100 Wi-Fi 751UN100 Nashville No Download

First Data FD100 Wi-Fi UN100 Omaha No Download

First Data FD100 Wi-Fi F1ATL49 Buypass No Download

First Data FD200 F1ATL49 Buypass No Download

First Data FD200 UN100 Omaha No Download

First Data FD200 751UN100 Nashville No Download

First Data FD200 Wi-Fi 751UN100 Nashville No Download

First Data FD200 Wi-Fi UN100 Omaha No Download

First Data FD200 Wi-Fi F1ATL49 Buypass No Download

First Data FD300/FD300 Wi-Fi 750FD300 Nashville No Download

First Data FD300/FD300 Wi-Fi FDO3001 Omaha Remove From Field

First Data FD300Ti/FD300Ti Wi-Fi 750FD300 Nashville No Download

© 2017 First Data Corporation. All Rights Reserved.

Class B/B+ Terminals that are NOT TLS 1.2 Ready/Capable

• The terminals below do NOT (and will not be updated to) meet the requirements for TLS 1.2.

• This list is not intended to be "complete" but does represent terminals recently moved to No Download, No Help Desk or

Remove From Field that might still be in use by our merchant base.

• However, ANY terminal not on the TLS 1.2 certified Class A or Class B list should be considered as non-compliant.

• As a reminder, TLS 1.2 ONLY impacts terminals that process via IP through Datawire. Terminals that are connecting into a

First Data platform via dial are not impacted.

5

Vendor Model Application Platform Class Lifecycle

Verifone FD55 750FDPOSVX Nashville A No Download

Verifone Vx520 XEFB431A Omaha B+ Available For New Sales

Verifone FD55 XEFB431 Omaha B+ No Download

Verifone Vx510/Vx570 750FDPOSVX Nashville A No Download

Verifone Vx510/Vx570 SEFB431 Omaha B+ No Download

Verifone Vx570 SEAC290S Buypass A No Download

Verifone Vx570 BY070004 Buypass A No Download

Ingenico Aqua 780i5100 Nashville A No Help Desk

Ingenico Aqua IngePay FDC Omaha Omaha B+ No Help Desk

Ingenico i5100 IngePay FDC Omaha Omaha B+ No Help Desk

Ingenico i7780 IngePay FDC Omaha Omaha B+ No Help Desk