If you are one of the many people who have been greeted by an error whenever you tried to visit either TeleOne’s Telepay or the FBC website then you are not alone and the problem is certainly not on your end. These two entities are entirely to blame for this. It means they dropped the ball by not updating their certificates in time.
Currently if you try to visit either website using either Chrome 70.0.3538 the latest version of the most popular browser in the world or its derivatives you will be greeted by an error. Visiting either site in Chrome will get a NET::ERR_CERT_SYMANTEC_LEGACY and cite privacy issues as the reason why it cannot display the site.
If you are not seeing this error and you are using Chrome
If you are using Chrome or Chromium and not seeing this error then it might mean you are not using the latest version of this browser. It is always important to keep your browser up to date for security reasons and so you can get the latest features your browser has to offer. As pointed out above the latest version of Chrome as of this writing is 70.0.3538.
So what is causing the error?
Months ago the developers of Chrome and Chromium warned that they would be making changes to these browsers that will see certain Symantec Certificates being no longer trusted. The error shows that the website you are trying to visit is still using an old, out-of-date, no-longer trusted security certificate issued by Symantec or its subsidiaries (including GeoTrust, Thawte, and VeriSign).
On January 19, 2017, a public posting to the mozilla.dev.security.policy newsgroup drew attention to a series of questionable website authentication certificates issued by Symantec Corporation’s PKI. Symantec’s PKI business, which operates a series of Certificate Authorities under various brand names, including Thawte, VeriSign, Equifax, GeoTrust, and RapidSSL, had issued numerous certificates that did not comply with the industry-developed CA/Browser Forum Baseline Requirements. During the subsequent investigation, it was revealed that Symantec had entrusted several organizations with the ability to issue certificates without the appropriate or necessary oversight, and had been aware of security deficiencies at these organizations for some time.
Do not worry this is just a cautionary step from Google Chrome
What it all means is that Chrome and Chromium devs are just looking out for your security. It does not mean that FBC or Telepay did anything wrong nor does it mean they were compromised in anyway. You can also bet that the guys at these institutions as well as many others affected by this change are working hard to fix it.
The problem is just that most people don’t really pay attention to browser related news. I remember days when opening a browser actually meant going online, usually a dial up a connection, back then people really cared about what a browser was. Nowadays a browser is just an App even though we use it on a daily basis; more than we did back then.
How to fix this error?
Unfortunately you cannot visit these sites in Chrome the normal way. If you still want to use Chrome you will have to click on Advanced and clicking on Proceed to Unsafe site. That will allow you to go about your business although if you look up the address bar will have jarring red colour to remind you of your perceived misdeed.
You can also visit these sites and use their services normally using Firefox. I hope that these institutions will fix this error before these certificates are blocked in Firefox too. Although like Chrome, Firefox does have an advanced option that will allow you to visit the sites anyway. With big red warning sign to boot.
FBC Holdings Limited (FBCH) is an Investment holding company listed on the Zimbabwe Stock Exchange and whose principal activities are in Zimbabwe. The Group offers diverse financial services through subsidiaries that span commercial banking, mortgage financing, short-term insurance, reinsurance, securities trading and micro-financing. In all,... Read More About FBC