Skip to main content

Tue, Apr 17, 2018 7:25 PM


Paypal Security Upgrade will render paypal buttons on sitebuilder non-compliant and they will no longer work

We received the message below from Paypal.  Our homestead site built with SiteBuilder and relies on paypal buttons from that site.  This looks like it will be a serious issue unless we become compliant by 6/30.  help!

Paypal Customer,

Every day, hundreds of millions of people use PayPal to manage and move money online or on a mobile device. That is why one of our top priorities is to ensure both our customers and your customers have a safe, secure experience when transacting with PayPal. We are committed to providing the highest level of security to protect customer and transactional data and have been upgrading our systems to ensure we are processing on the latest and most secure protocols.  One of those security protocol upgrades, in line with the Payment Card Industry (PCI) DSS mandate, is to the Transport Layer Security (TLS) cryptographic protocol, which requires TLS 1.2, no later than June 30, 2018.

Our records indicate your current PayPal integration is utilizing a version that is less than TLS 1.2.  With the deadline for this security upgrade currently set at June 30, 2018, you will need to act immediately to upgrade your PayPal integration(s) to utilize TLS 1.2 cryptographic protocol PRIOR to this date.

Failure to upgrade your integration by June 30, 2018 will lead to an inability to connect to PayPal for processing customer transactions.  For further information on the TLS 1.2 upgrade, please bookmark the TLS 1.2 Upgrade Microsite page and visit frequently to ensure you are armed with the most current information.  You will also find information on the other merchant security upgrades on the 2017-2018 Merchant Security Microsite page.

Please note, over the next few months, PayPal will conduct several rounds of testing to emulate the upgraded security experience so merchants can understand the areas of their integration that still requiring security protocol upgrades.  If you have already made the required upgrades as outlined on the 2017-2018 Merchant Security Microsite, your PayPal integrations will not be impacted.  If you have not made the required upgrades, we encourage you to do so as soon as possible to avoid service interruption that may occur during our security upgrade testing activities.

Dates for these tests and full deployment will be published on our Merchant Security Upgrade Testing page at least two weeks prior to implementation so please bookmark and return frequently for the most up to date information.

Thank you for using PayPal and for your support in providing the most secure payment experience for our shared global customers.

This conversation is no longer open for comments or replies and is no longer visible to community members.


No Responses!