Biometric Signature ID forced to go TLS 1.2 only.

Biometric Signature ID forced to go TLS 1.2 only.

End-users can test if their system supports TLS 1.2 by visiting:
https://www.ssllabs.com/ssltest/viewMyClient.html   (Allow access to 64.41.200.100 if "Firewall" error is shown)
Partners can verify everything by connecting to their respective BioSig-ID™ sandbox environment.

BioSig-ID™ has been kept secure with TLS 1.2 for many years, but we rely on Forward-Secrecy to upgrade any initial connection from TLS 1.0/1.1 to the more secure 1.2 one. The BioSig-ID™ systems use the Microsoft TLS 1.0 and TLS 1.1 protocol implementations, which are still secure by a narrow margin, but there are active exploits being performed against other implementations that contain flaws.

To protect the world, TLS 1.0 and TLS 1.1 protocols will be removed from browsers next year. As there are no fixes or patches that can adequately fix SSL or deprecated TLS, it is critically important that organizations and end-users upgrade to a secure alternative as soon as possible.

Browser deadlines for disabling TLS 1.0 and TLS 1.1 protocol are as follows:
Browser Name
Date
Apple Safari/Webkit
March 2020
Google Chrome
January 2020
Microsoft IE and Edge
First half of 2020
Mozilla Firefox
March 2020

For this reason we can no longer allow TLS 1.0 and TLS 1.1 to remain active, especially when TLS 1.3 is soon to be released.

The impact will be on older systems that are no longer receiving updates.

Operating Systems in danger:
  1. Apple MacOSX 10.8.4 and older (installing a modern browser might solve it)
  2. Google Android v4.3 and older
  3. Microsoft Windows XP/Vista and older (installing a modern browser might solve it)
  4. Any system relying on Java v7 and older
  5. Any system relying on OpenSSL v0.9.x and older
Browsers in danger:
  1. Apple Safari v6 and older
  2. Google Chrome v48 and older
  3. Microsoft Internet Explorer 10 and older
  4. Mozilla Firefox v46 and older
Please update your respective operating system to one with an active security maintenance window, and a modern "evergreen" browser that automatically updates to protect you against the latest exploits. Popular evergreen browsers are: Chrome, Edge, Firefox, Opera, and Safari.

Microsoft Internet Explorer 11 is temporarily given an extended lifeline by Microsoft due to massive corporate usage, but support for this will eventually end when TLS 1.3 is released.

For more information refer to the best practice section at RFC-7525 which has advocated since 2015 why TLS 1.0 and 1.1 should no longer be used.

    • Related Articles

    • BioSig-ID™ Dashboard Usage - README.FIRST

      Reports are now merged within the BioSig-ID™ Dashboard. Please update all your bookmarks and references accordingly. Any reference to https://verifyexpress.com/reports/<account-name>/admin or /public is no longer valid. The BioSig-ID™ Dashboard can ...
    • Adding BioSig-ID to Moodle Courses

      Introduction Instructors create an instance of the module in their course and use its associated grade book column to give students access to one or more other content items (such as an assignment). Creating a Tool instance Add a tool instance of the ...
    • Blackboard Adding BioSig-ID to Your Course(s)

      Introduction The Biometric Signature ID (BSI) Building Block for Blackboard Learn 9.1 provides a mechanism to require a user/student to validate their identity when needed. This process is split between enrollment for the user to create their initial ...
    • Adding BioSig-ID to a Course in Jenzabar

      A BioSig-ID™ validation can be placed before any content item where "rules" can be used.  This will require a user to validate successfully prior to accessing the content item.  Creating a Tool Instance To add a BioSig-ID validation you will first ...
    • BioSight-ID™ Dashboard

      This video covers the usage of the BioSight-ID™ dashboard allowing instructors to review the exam monitoring proctored activity of students in their courses. If no-sessions are shown when they are expected then please contact your LMS admin to verify ...