This is how you who use Svea's payment services in your online store are affected.
What will happen?
Svea works continuously to improve its IT environment and now we are replacing a component called Load Balancer.
In addition to higher capacity and higher operational reliability, this means that we also have the opportunity to use several Internet providers in parallel to our server halls. Several Internet providers increase our availability further, as parallel communication paths to the Internet reduce the risk of being affected by individual providers' problems.
What does it mean for me as a customer or partner?
There are two things that may need to be verified.
Our services and APIs will now receive a double set of IP addresses.
If your server environment has a firewall that stops outgoing calls to unknown addresses, you should check that both of our addresses are allowed in your firewall.
Make sure you can call us via TLS 1.2/1.3. Until the load balancer change, we allowed a couple of older protocols (TLS 1.0 and TLS 1.1) to call us, but now, like most other major IT players, we will no longer allow that protocol for security reasons.
The reason why we now make that restriction is that the newer protocols (TLS 1.2 and 1.3) have been the standard to be used for secure communication for some years now.
What do I need to do?
Ask whoever manages your server environment to check your firewall.
- If you don't stop outgoing traffic, you don't need to do anything in the firewall.
- If you stop outgoing traffic, check that you have opened traffic to both networks referenced in the attached PDF. You already have one today. If you have integrated with our Svea Checkout in the last three years, both addresses have been in our documentation.
- If you use an old web browser to access Svea Payment Admin make sure it supports TLS 1.2. You can verify here.
And the TLS thing?
TLS 1.0 and TLS 1.1 have been seen as a risk for several years, but a normal and up-to-date IT environment has long been able to communicate via TLS 1.2 or 1.3.
How can we verify before?
If you are unsure, you can try calling our test environment ("Stage"). It's already upgraded, and if that call goes well, there shouldn't be any issues when we upgrade the Production environment. This applies to both the new TLS version and communication to our new IP addresses.
If you are a customer of Svea Bank in Sweden and have questions, you are of course welcome to contact us via email.
For other countries, please use your regular customer contact.