New Browser Security Requirements
Effective November 27, 2016 at 7:00am PST, Pacific Blue Cross will disable the TLS 1.0 encryption protocol across our various websites. This means that older internet browsers will not be able to access the secure (HTTPS) portions of our websites.
What is TLS?
Transport Layer Security (TLS) protocol facilitates communication security between two computer applications (e.g., a web browser and a server)
Why is TLS1.0 being disabled?
We take the protection of our data very seriously. To maintain the highest security standards and to align with industry-wide best practices, we are no longer supporting the TLS1.0 protocol which is now obsolete.
How will I be affected?
If you are using an old internet browser, you will not be able to access the secure (HTTPS) portions of our various websites.
Please refer to the browser compatibility guidelines below:
| Microsoft Internet Explorer (IE) | |
|---|---|
| Microsoft Edge | Compatible with TLS 1.1 or higher by default. |
| Desktop and mobile IE version 11 | Compatible with TLS 1.1 or higher by default If you see the "Stronger security is required" error message, you may need to turn off the TLS 1.0 setting in the Internet Options | Advanced Settings list. |
| Desktop IE versions 8, 9, and 10 | Compatible only when running Windows 7 or newer, but not by default. Windows Vista, XP and earlier are incompatible and cannot be configured to support TLS 1.1 or TLS 1.2. |
| Desktop IE versions 7 and below | Not compatible with TLS 1.1 or higher encryption |
| Mobile IE versions 10 and below | Not compatible with TLS 1.1 or higher encryption |
| Mozilla Firefox | |
| Compatible with the most version, regardless of operating system. | |
| Firefox 27 and higher | Compatible with TLS 1.1 or higher by default. |
| Firefox 23 to 26 | Compatible, but not by default. Use about:config to enable TLS 1.1 or TLS 1.2 by updating the security.tls.version.max config value to 2 for TLS 1.1 or 3 for TLS 1.2. |
| Firefox 22 and below | Not compatible with TLS 1.1 or higher encryption. |
| Google Chrome | |
| Compatible with the most version, regardless of operating system. | |
| Google Chrome 38 and higher | Compatible with TLS 1.1 or higher by default. |
| Google Chrome 22 to 37 | Compatible when running on Windows XP SP3, Vista, or newer (desktop), OS X 10.6 (Snow Leopard) or newer (desktop), or Android 2.3 (Gingerbread) or newer (mobile). |
| Google Chrome 21 and below | Not compatible with TLS 1.1 or higher encryption. |
| Google Android OS Browser | |
| Android 5.0 (Lollipop) and higher | Compatible with TLS 1.1 or higher by default. |
| Android 4.4 (KitKat) to 4.4.4 | May be compatible with TLS 1.1 or higher. Some devices with Android 4.4.x may not support TLS 1.1 or higher. |
| Android 4.3 (Jelly Bean) and below | Not compatible with TLS 1.1 or higher encryption. |
| Apple Safari | |
| Desktop Safari versions 7 and higher for OS X 10.9 (Mavericks) and higher | Compatible with TLS 1.1 or higher by default. |
| Desktop Safari versions 6 and below for OS X 10.8 (Mountain Lion) and below | Not compatible with TLS 1.1 or higher encryption. |
| Mobile Safari versions 5 and higher for iOS 5 and higher | Compatible with TLS 1.1 or higher by default. |
| Mobile Safari for iOS 4 and below | Not compatible with TLS 1.1 or higher encryption. |