"POODLE" Vulnerability in Secured Sockets Layer 3.0 (SSL 3.0)
Description
A vulnerability known as "POODLE" (Padding Oracle On Downgraded Legacy Encryption) has recently been discovered on SSL 3.0 used by older versions of web browsers such as Internet Explorer 6 and below. SSL is used to establish an encrypted link between a website and a web browser to keep the customer's credentials and transactions secure.
With the "POODLE" vulnerability present on SSL 3.0, an attacker can exploit this vulnerability to obtain users' cookies and compromise users' accounts.
How to protect yourself from this?
We recommend everyone to download and install the supported versions of Internet Explorer (version 8, 9, 10 and 11) and Safari (on iPad with iOS7 and iOS8) to ensure a safe and secure online experience while accessing Prudential websites.
Prudential websites have layered security controls such as 2FA, OTP that keeps your transactions secure.
For added security, we will not be supporting the now insecure SSL3 protocol from 17 May 2015. Older versions of web browsers such as Internet Explorer 6 will no longer be able to access Prudential websites.
Prudential provides you with the option of encrypting your login information by using the "secure mode".
When you login using secure mode, you are using the industry-standard Secured Sockets Layer (SSL) encryption technology
to protect the information you transmit.
Secure mode is not supported by all browsers. You may need to download the latest version
of Microsoft Internet Explorer or
Netscape Navigator or upgrade
your browser to take advantage of secure login.