Release Notes

These release notes cover all releases to the production server for the week ending

March 13, 2026

.

Announcements

These announcements are for

March 13, 2026

.

Webhooks Updates

Webhooks version 1 will be decommissioned in April 2026. See Webhooks version 2 in the Developer Center.

TLS Updates

We are making changes to our implementation of Transport Layer Security (TLS).

TLS 1.3

To maintain the highest security standards for both browser-based and server-to-server connections, we will enable TLS 1.3 on the endpoints listed below. This enhancement is optional and will supplement the existing TLS 1.2 support, which will remain in place with no plans for removal.

We will make changes to these endpoints on these dates:

Testing environment
: May 26, 2026

ics2wstesta.ic3.com

ics2wstest.ic3.com

apitest.cybersource.com

Production environment
: June 2, 2026

ics2wsa.ic3.com

ics2ws.ic3.com

api.cybersource.com

api.in.cybersource.com

ics2ws.in.ic3.com

Contact Customer Support if you have any questions about these changes.

TLS Certificate Lifetime Reduction

In alignment with new CA/Browser Forum regulations, the maximum TLS certificate lifetime will be reduced gradually as follows:

• From today until March 15, 2026, the maximum lifetime for a TLS certificate is 398 days.

• March 15, 2026, the maximum lifetime for a TLS certificate will be 200 days.

• March 15, 2027, the maximum lifetime for a TLS certificate will be 100 days.

• March 15, 2029, the maximum lifetime for a TLS certificate will be 47 days.

Review the information in this blog for more information about the TLS certificate lifetime changes:

tls-certificate-lifetimes-will-officially-reduce-to-47-days

How will this change impact connectivity?

Server level (leaf) SSL/TLS certificates issued by Cybersource will remain valid until their scheduled expiration. Server level (leaf) TLS certificates have shorter lifespans and must be reissued more frequently. Cybersource therefore recommends that clients trust the root certificate instead.

What is our recommendation?

We continue to recommend trusting the Root TLS certificates for all secure endpoints. This approach removes the need for periodic renewal of server level certificates and helps prevent connection failures caused by expired leaf certificates.

How can I tell what TLS certificate I am using?

Contact your server administrator or your network support team.

Where can I find the TLS Root certificate?

Continue trusting the root certificate to maintain connectivity with supported endpoints. You can download the root certificate from this article:

?code=KA-09802

Contact your Customer Support representatives for any questions you may have about this change.

Features Introduced This Week

Pay with Token Using Unified Checkout

Description: Use Token Management Service (TMS) tokens within Unified Checkout to show the chosen payment token within the UI alongside your other chosen payment methods.
Mandate: Does not apply
Audience: Unified Checkout users in the these regions: AP, CEMEA, EU, LAC, and NA.
Benefit: By combining tokenized credential management and checkout into a single integration, merchants can scale faster, improve customer experience, and future‑proof their e‑commerce payments strategy.
Technical Details: Merchants can present previously stored customer credentials directly within the Unified Checkout experience and enable returning customers to complete purchases faster and more securely. Merchants can re‑use tokens for the use with payment processing from within Unified Checkout.
Important Dates: Released to production on March 10, 2026.

Unified Checkout Version 1

Description: Unified Checkout Version 1 delivers a modern, low‑code digital payment acceptance experience that combines streamlined integration capabilities with intuitive merchant configuration screens in the Business Center. This release modernizes how merchants onboard, integrate, and manage checkout experiences by pairing updated APIs and SDKs with guided UI‑based configuration flows. Merchants can complete core setup steps, manage payment options, and control customer information requirements through Business Center screens, while developers benefit from consistent APIs, updated naming conventions, and AI‑generated sample code across five programming languages.
Mandate: Does not apply
Audience: Unified Checkout users in these regions: AP, CEMEA, EU, LAC, and NA.
Benefit: Unified Checkout v1 reduces both development and operational effort by unifying integration and configuration into a consistent, low‑code framework. Developers benefit from clearer naming conventions, updated URLs, and AI‑generated sample code that accelerates onboarding and evaluation. Merchants and operations teams gain the flexibility to manage payment methods, customer data collection, and checkout behavior directly through intuitive Business Center screens without requiring code changes. Together, these improvements lower onboarding friction, speed time to market, and provide a scalable foundation for future payment enhancements.
Technical Details: Merchants integrating or upgrading to Unified Checkout v1 will experience changes across both integration and operational workflows. On the integration side, API paths, JavaScript file names, global objects, method names, and error labels have been updated. Any implementation referencing legacy identifiers (such as SecureAcceptance.js
, the
Accept
namespace, or URLs containing
up
) will require updates to align with Unified Checkout conventions. On the merchant operations side, configuration tasks that were previously handled through custom development or static integration decisions can now be managed directly within the Business Center. Merchants should review user roles and permissions to ensure appropriate access to Unified Checkout configuration screens.
Important Dates: Released to production on March 13, 2026.

Fixed Issues

No customer-facing fixes were released this week.

Known Issues

There are no known issues this week.