SSL Cert Renewal

The BIC platform will transition to a new TLS certificate trust chain on May 12, 2026, in response to major browser and operating system vendors retiring legacy root CA certificates.

What does this mean?

On May 12, 2026, the BIC platform will begin using new TLS certificates signed by DigiCert, replacing the current certificate chain issued by Sectigo and USERTrust. This change is required to maintain secure connectivity and uninterrupted payment processing.

What action is required?

Please confirm your systems are prepared with the appropriate root certificate installed to maintain uninterrupted access to the BIC platform ahead of the transition date.

• Most browsers and operating systems require no action by default.
• If you manually manage certificate trust stores, ensure the following root certificate is installed: DigiCert TLS RSA4096 Root G5.
• If your integration manually deploys server certificates (e.g., *.na.bambora.com or *.beanstream.com), update to the new certificates. We strongly recommend against manual deployment.
• If you are using the na.bambora.com endpoint and are not manually storing the certificate, it will continue to work.

Testing and availability

• The UAT environment will be updated with the new certificate chain on April 27, 2026.
• Certificates and related updates will be published on the Developers Portal prior to May 12.

What you need to know

• This change is technical in nature. If you are unable to verify your integration, please consult your developer or software/web provider.
• SSL/TLS best practice is to trust only the root certificate. Do not download or store server certificates.
• If you manage your certificate trust store manually and take no action by the deadline, connections to the BIC platform may fail.

If you have issues with the required changes, please reach out to our Customer Care team.