With Chrome 56, Google has introduced a new indicator that displays whether or not the page being served is secure or insecure. Mozilla has followed suit with their Firefox 55 update by displaying a dialog message underneath login fields.
Chrome v56 will now indicate the connections security with an icon in the address bar. Please review the changes being made here: Google Security Blog Firefox v55 will display a contextual message below fields where users enter their login credentials. Information on the new security dialog in Firefox can be found here.
Luminate Online management and engineers are aware of the changes, and they are actively working towards a solution for these changes. In light of these changes, Product Management has released the following statement:
“Our current security audit process is a very thorough process that goes in depth into all areas of Luminate Online and relies heavily on protecting our organizations from potential security issues. The new warning label inside Chrome browsers is not a security issue that any of our security audits have surfaced. Currently, the warning label isn’t surfacing in areas of Luminate where we have sensitive data being transferred. We are working to prioritize this work, but since the level of effort and risk associated is a big initiative, it will require an investment over several months. Constituent data is of the upmost importance and we ensure strict PCIDSS and PI enforcement to be secure. Even though UserLogin pages may be on a non-secure page, we still encrypt the credentials upon login to verify that we securely transfer the data. Clients also have the option of using the secure version of the UserLogin page.”