SHA-256 Conversion

 

The USPS has begun the conversion of its licensed products from SHA-1 to SHA-256. This conversion is based on an OIG (Office of Inspector General) recommendation to transition USPS Licensed Products to a more secure algorithm to comply with current USPS security policies. 

As a result, Software developed using these are required convert their applications to SHA-256 as soon as possible. All Developers must have their software transitioned to SHA-256 no later than August 1, 2017. This translates to an update deadline of September 30th for the end user.

New dll's have been developed and will be delivered as part of the next data update to comply with the USPS requirement.

 

Will I need to update my software?

If you are using addressing in findIT S2/ matchIT Web -  Yes

If you are using a version of mSQL prior to 2.0.2 - Yes

If you are using a version mSQL 2.0.2 or newer - No - But we still reccomend updating to keep results consistent with older versions.

if you are using mDesktop, there is no need to update, but we would suggest installing the new SHA256 data/dll's to confirm they work for you and QA the results before September 30th.

 

All clients will be provided both the old SHA1 Data (what you have been getting for the updates until now) and SHA256 data that will work until September 30th, in mid September the next update provided will only be the SHA256 data.

 

Are there new dependencies with these new dll's?

Yes, some users will need to install a new dependency for the new data - specifically  the Microsoft Visual Studio 2013 C++ Redistributable Packages for x86 or x64 depending on whether they application is using the Z4DLL32.dll or Z4DLL64.dll. 

Below is a link to the latest VS2013 Redistributables:

https://www.microsoft.com/en-us/download/details.aspx?id=40784

if you're using mDesktop/findIT/matchIT Web, then we suggest the X86 version

if you're using mSQL, then we suggest the x64 version 

 

How will this impact the results:

The results will be nearly identical, but there is a new error code that will be returned that you need to be aware of as this could impact your process:

Error Code 19 (addrscore of 19 in mSQL) denotes a situation where the engine could match the address in the Zip4 data, but was unable to DPV verify, so the result is no match. In previous versions, the returns were ambiguous, as the error code would be zero (or blank if using desktop) but the DPV result would indicate a match failure. Error Code 19 is a result of removing the ambiguity. 

If you do not update your mDesktop/mSQL software, this error code/addrscore 19 will be returned automatically when you update the data, if you do update your software though we've added a new option which will by default keep the return codes the same as the old version.

If you do updates based off the addrscore of 0 or DPV = N (mSQL), or blank errorcode (mDesktop), or using findIT S2/matchIT Web for addressing at all, then you will either need to update so as to not impact your process, or adjust your process if you believe this change will impact you. On most clients data this normally would impact is less than 1% of the data.

 

For more details on findIT S2/matchIT Web go here

For more details on mSQL go here

For more details on mDesktop go here