arrow-left Back to Announcements
DATE:
AUTHOR:
The Shift4 Updates team
Givex Gift Card & Loyalty GivexPOS

Important Security Update - TLS/SSL Certificate July 2025

DATE:
AUTHOR: The Shift4 Updates team

July 2025 Update - Download our self-test guide here to see if you will be affected by the security certificate change on September 10, 2025.

As part of Shift4’s commitment to security, we are always making updates to our system and ensuring we are following the latest security best practices. One of these changes will affect clients using Givex services, including gift cards, loyalty programs, and GivexPOS.

With a recent upgrade by our SSL provider, VikingCloud, our TLS/SSL certificates will now be issued from updated roots: Trustwave Global Certification Authority, Trustwave Global P256 Certification Authority, and Trustwave Global P384 Certification Authority.

This change shouldn’t impact the majority of clients. However, some stores which cannot accept the updated TLS/SSL certificates may experience service disruption starting September 10, 2025. We've installed the upgraded security certificate on one of our development servers for merchants to review a list of affected services and perform self-testing to see if they will be impacted. You can download the self-testing guide here.

Out of an abundance of caution, please direct your IT team and application developers to take the following actions by September 10, 2025:

1. Verify that you are using the following browser and trust store versions (or newer ones): 

Microsoft Windows 10 version 1903, Microsoft Trusted Root Program April 30, 2019 version Apple iOS 16.5, iPadOS 16.5, macOS 13.5, tvOS 16.5, watchOS 9.5 Google Chrome 105, Chrome Root Store 7, Chrome Root Program Policy 1.1 Mozilla Firefox 82, NSS 3.57

If not, please update to the latest versions or add the new roots to the trust stores you are using. To download the new roots, please visit the SecureTrust site and look under the Future Roots Certificates tab

2. Check if your in-house application developers are using certificate pinning or hard coding of the root or intermediate certificate. Remove any such instances.

Please share this communication with your IT team and complete these actions by September 10, 2025 to minimize any chance of service disruption. 

Contact your Shift4/Givex Client Support Team if you have any questions.

Download the Self-Test Guide

Sincerely,

The Shift4 Team


Powered by LaunchNotes