Please, wait while we are validating your browser
Your browser is not secure
You're seeing this page because your web browser tried to connect to Warwick's website with insecure settings. Please upgrade your web browser.
The TLS 1.0 encryption protocol is disabled across the University's web services. Disabling TLS 1.0 prevents it from being used to access Warwick websites via an insecure web browser or application. We've made this change to keep the University's websites safe and secure.
What do I need to do?
When accessing websites using a web browser, ensure you use the latest available version of the browser – whether that is Internet Explorer, Google Chrome, Mozilla Firefox, Safari or another browser. Using the latest version keeps you safe online because you're using the most up-to-date security settings.
Why is this happening?
Although TLS 1.0, when configured properly, has no known security vulnerabilities, newer protocols are designed better to address the potential for new vulnerabilities.
The PCI Data Security Standard 3.1 recommends disabling “early TLS”:
“SSL and early TLS are not considered strong cryptography and cannot be used as a security control after June 30, 2016 [without a mitigation strategy for disabling it before June 2018].
The best response is to disable SSL entirely and migrate to a more modern encryption protocol, which at the time of publication is a minimum of TLS v1.1, although entities are strongly encouraged to consider TLS v1.2.”
We need to be PCI-compliant to take online payments at the University. It is not sufficient to merely disable TLS 1.0 on our transaction tracking system as the requirement extends to any system that initiates a payment, including car parking, printer credits, the Warwick website, etc.