Thank you.
During the week of March 16 - 20, 2009, Authorize.Net will be deprecating all legacy support for the SSL 2.0 protocol. Changes have recently been made to the Payment Card Industry Data Security Standard (PCI DSS) which have made the use of SSL 2.0 a PCI DSS violation.
Due to this change, it is critical that your merchants update any applications or integrations that may be using the SSL 2.0 protocol to support the more current SSL 3.0/TLS 1.0 protocols. Failure to upgrade their applications or integrations may result in a lost ability to successfully process transactions via the Authorize.Net Payment Gateway.
Only merchants using SSL 2.0 to connect to the payment gateway will be affected. If you have merchants who are currently using SSL 2.0, you must have them contact their Web developer immediately to arrange to update their integrations to the SSL 3.0/TLS 1.0 protocols.
It is critical that if a merchant contacts you regarding the use of SSL 2.0 that you direct that merchant to contact their developer to verify whether their integration will be impacted.
For more information on the limitations of SSL 2.0 and the advantages of SSL 3.0/TLS 1.0, we recommend reviewing the white paper Analysis of the SSL 3.0 Protocol.