Software Security Standards Update

Posted on November 19, 2020, by 12Pay Support

Keeping your data safe is of paramount importance to 12Pay. We are always looking for ways to make our technology more secure, whilst delivering reliable and compliant solutions.
In the interest of maintaining a high level of data security, 12Pay has recently announced a new security standard for all our products. The security standard is aimed at ensuring we consistently deliver safe and trustworthy products and services.
A requirement of the policy is that we disable the use of Transport Layer Security (TLS) 1.0 and 1.1, in line with industry standards.

What is Transport Layer Security (TLS)?

TLS is a protocol that provides end-to-end communications security over networks and is widely used for internet communications and online transactions. It is intended to prevent eavesdropping, tampering and message forgery.

TLS has been developed over the past 20 years, improving security and fixing any vulnerabilities identified. Versions 1.2 and 1.3 are now the only versions to be considered secure and to be supported by Microsoft.

What does this mean to me?

Outdated TLS versions are currently available for use with a range of IRIS cloud applications and their associated links to your payroll software.

We are taking measures to comply with our updated security standards. With the November system update, we will enable the removal of transport layer security (TLS) 1 and 1.1 for links with the below cloud applications.

If you use any of these applications, you must check that your operating software is compliant with TLS 1.2 or above

Products with TLS 1 & 1.1 disabled

  • My ePay Window
  • Kashflow accounts

Products due to have TLS 1 & 1.1 disabled

  • OpenPayslips
  • OpenEnrol
  • OpenSpace
This will be removed on 10th May 2021, so you must act now

Other applications/services planned for TLS 1 & 1.1 removal

  • Real Time information (RTI)
  • NEST
  • Scottish Widows
Timeframes not yet known.

How does my operating software impact compatibility with TLS 1.2 or above?

Operating SystemTLS 1.2 CompatabilitySoftware UpdateAction
Windows 8 or aboveCompatibleInstall November Update1. Update payroll software
Windows 7Compatible with actionInstall November Update1. Confirm TLS 1.2 enabled
2. Update payroll software
Windows Vista
Windows XP
Windows Server 2003		Not CompatibleInstall November software update1. Upgrade operating system
2. Update payroll software

How do I enable TLS 1.2 if I operate on Windows 7?

Details of how to do this for Windows 7 can be found here

What can I do if I don’t have a compatible operating system?

For customers who currently use an unsupported operating system, we strongly advise that you upgrade to a more recent version. This will ensure that you can comply with the security standards of modern-day software and continue to use our payroll software with supporting services.

There are 2 options available to you:

  • Upgrade your operating system to a more recent version of Windows
  • Sign up to a hosted desktop service, operating a more up to-date operating system

For details of our hosted offering, you can visit our website here

Why have we chosen to do this?

TLS 1 and 1.1 no longer meet modern day security standards, leaving users exposed to vulnerabilities.

Further to this, Microsoft no longer support XP, Vista, or Windows 7 and therefore security updates are no longer built with these operating systems in mind. This change is not specific to 12Pay, with cloud software of all varieties taking these steps.

As communicated previously, 12Pay no longer supports these operating systems and therefore does not test system updates for compatibility with them. It is strongly advised that customers find an alternative solution to avoid risking loss of service.

When will this happen?

TLS 1 and 1.1 will be removed from the stated applications with upcoming system updates, therefore you must act now if you are affected.

Please note: All customers must install the payroll software update to allow for the links with the stated applications to be used.

Getting in Touch

Should you have any questions, please get in touch with our support team for guidance relating to any of the above updates.

We apologise for any inconvenience this change causes; however, we are confident that it is in the wider interest of safety and security.

If you have any feedback, please don’t hesitate to contact us at hcmproduct@iris.co.uk

Furlough Extension

Update 6th Nov 2020 The government have now announced the furlough scheme will be extended until March 2021 Please click here for our latest guidance Update 3rd Nov 2020 On Sunday 1st November the Government’s announced the extension to the Furlough scheme, here we will discuss how we will be supporting you. What are the […]

Read More

How do I set up my system to send payment SMS to employees?

This functionality is available with a Bureau licence. Set up emailing from 12Pay, see KB10026. Sign up with and purchase a pack of texts from Green Text Click the Mail… button on the Employer form. Fill in the SMS Template text box with: {0}.PIN@sms160id.textapp.net Replace the word ‘PIN’ with your Green Text system PIN (visible […]

Read More

Sending Payslips & P60’s by email

12Pay payroll software can send payslips and P60s by email. You need to put an email address on each employee’s HR tab and 12Pay needs to be configured to talk to your email server. The information that 12Pay needs for sending emails is the same information that would be required for Outlook or any other […]

Read More