From the user POV, nothing is changed. The decision to deprecate SHA1 or not isn't specific to Keyless SSL (ie, Keyless SSL isn't a new product for the users)
From the bank's point of view, where we can say that Keyless SSL is a new product, only 2 cipher suites are allowed:
From the bank's point of view, where we can say that Keyless SSL is a new product, only 2 cipher suites are allowed:
which, as you can see, don't include sha1.