I received the email below, called PayPal and they confirm that without SSL or TLS that payments will cease shortly on our site, I am in contact with support but this obviously is urgent with a deadline just inside December! Anyone who has resolved or heard of this?
thanks.....
To help mitigate risk associated with this vulnerability, PayPal will discontinue support for SSL 3.0 on 3 December 2104 at 8:01 a.m. Greenwich Mean Time. Unfortunately, this necessary step may cause compatibility problems resulting in the inability for customers to pay with PayPal on your site or other processing issues.
We wouldn’t have been able to extend our support of SSL 3.0 to 3 December 2014, at 8:01 a.m. GMT if we hadn’t also been able to take significant steps to migrate the risk of this vulnerability for our customers. We want to assure our customers we have seen no evidence that the SSL 3.0 issue has led to any compromise of security at PayPal.
Keeping our customers’ accounts, data and money secure is PayPal’s top priority and a guiding principle when we make challenging decisions, like this one.
We’re here to help our merchants through this process. We’ve put together a comprehensive Merchant Response Guide to ensure systems are secure from this vulnerability.
What do I need to do?
If you don’t manage website integrations for your business, we strongly encourage you to work with your website service partner (developer, hosting company or e-commerce platform, etc.) and share the Merchant Response Guide, which provides the basic guidelines on how to update to Transport Layer Security (TLS). If your website service has questions or need support, advise them to contact our Merchant Technical Support.
thanks.....
To help mitigate risk associated with this vulnerability, PayPal will discontinue support for SSL 3.0 on 3 December 2104 at 8:01 a.m. Greenwich Mean Time. Unfortunately, this necessary step may cause compatibility problems resulting in the inability for customers to pay with PayPal on your site or other processing issues.
We wouldn’t have been able to extend our support of SSL 3.0 to 3 December 2014, at 8:01 a.m. GMT if we hadn’t also been able to take significant steps to migrate the risk of this vulnerability for our customers. We want to assure our customers we have seen no evidence that the SSL 3.0 issue has led to any compromise of security at PayPal.
Keeping our customers’ accounts, data and money secure is PayPal’s top priority and a guiding principle when we make challenging decisions, like this one.
We’re here to help our merchants through this process. We’ve put together a comprehensive Merchant Response Guide to ensure systems are secure from this vulnerability.
What do I need to do?
If you don’t manage website integrations for your business, we strongly encourage you to work with your website service partner (developer, hosting company or e-commerce platform, etc.) and share the Merchant Response Guide, which provides the basic guidelines on how to update to Transport Layer Security (TLS). If your website service has questions or need support, advise them to contact our Merchant Technical Support.
Comment