The ability to use your smartphone or computer safely when online is of concern to everyone. Hacks and data breaches by which information is stolen and then used to make millions of people victims of identity theft is an ever present threat of life today. This is why when the CA/Browser Forum a trade group which mandates web encryption programs used throughout the web by the companies we all connect with online such as Facebook, Google and Twitter was told that its present encryption algorithm SHA-1 was vulnerable to hacking, it acted promptly and rolled out a new and more secure encryption algorithm, SHA-2. Companies are required to use the new SHA-2 on January 1, 2016 and this is a good thing, however, it is not a good thing for people who use smartphones that are more than five years old to surf the web. Their phones are generally incompatible with SHA-2. It has been estimated that about 40 million people worldwide still use smartphones that won’t support SHA-2 and, unless something is done, they will no longer be able to use their phones to surf the web as of January 1, 2016. Facebook has proposed a solution by which older browsers will be able to use the SHA-1 algorithm and newer ones the SHA-2, but as of the writing of this posting, no decision has yet been made by the CA/Browser Forum.
If your smartphone is less than five years old, you do not have to do anything. The security changes will happen automatically. However, if your smartphone is five years old or older, you should check with your service provider to see about your options. Even if Facebook’s proposal is accepted by the CA/Browser Forum, the old SHA-1 encryption algorithm is no longer safe and you should consider switching to a device that will support the new SHA-2 encryption algorithm.