SHA-256: What does it mean for you


Data security and data breaches have become a fixture in the news. You might even recall the story of Dropbox being hacked for 68M, of its then 100M user emails and encrypted passwords. At the time Dropbox was in the process of upgrading its encryption from the SHA-1 standard to a more secure algorithm (SHA stands for Secure Hash Algorithm). This is the same algorithm the United States Postal Service has relied on to protect the USPS postal data file.

In order to improve protection of the address data of millions of Americans the U.S. Postal Service (USPS) is upgrading its security algorithm from SHA-1 to the industry preferred SHA-256. This conversion is based on an Office of Inspector General (OIG) recommendation to transition to a more secure algorithm.

What this means for your organization

For most 360Science customers using USPS data for address validation, the conversion to SHA-256 should be seamless. Most 360Science customers will not even notice the changes to the way the USPS handles its data.

What should I do if I use USPS data for address validation?

For a majority of customers a simple update will be done with the next USPS addressing update.

Certain 360Science customers utilizing Address Validation should take appropriate action before the next USPS data-sets are delivered at the end of July. For those who have multiple 360Science platforms and/or tightly integrated use of DLL’s or return codes into automated processes, these changes could cause errors in your automated systems when you make an addressing call once USPS has completed the transition.

We will be reaching out to affected customers directly to discuss their specific situation, and any steps that need to be taken.

If you have any concerns regarding address validation and your process please contact us by submitting a ticket in 360Science Labs.