BigCommerce - PayPal - SSL

  • 0
  • 1
  • Question
  • Updated 5 years ago
Archived and Closed

This conversation is no longer open for comments or replies and is no longer visible to community members. The community moderator provided the following reason for archiving: We have archived this topic as it has either reached a resolution or has become inactive.  If you believe this topic should not have been archived, please let us know, and we would be happy to review it.  You may continue to access this topic as needed fo

Received the following notice from PayPal and wondered if this is known and/or being addressed at BC or if there are any steps we are required to do?

On October 14, 2014, details were released about a vulnerability to version 3 of Secure Sockets Layer (SSL 3.0). Since that time, PayPal has been hard at work to mitigate any potential impact to our consumers and merchant customers.

To help mitigate risk associated with this vulnerability, PayPal will discontinue support for SSL 3.0 on December 3, 2104 at 12:01 a.m. Pacific Standard Time. Unfortunately, this necessary step may cause compatibility problems resulting in the inability for customers to pay with PayPal on your site or other processing issues.

We wouldn’t have been able to extend our support of SSL 3.0 to December 3, 2014, at 12:01 a.m. PST if we hadn’t also been able to take significant steps to migrate the risk of this vulnerability for our customers. We want to assure our customers we have seen no evidence that the SSL 3.0 issue has led to any compromise of security at PayPal.

Keeping our customers’ accounts, data and money secure is PayPal’s top priority and a guiding principle when we make challenging decisions, like this one.

We’re here to help our merchants through this process. We’ve put together a comprehensive Merchant Response Guide to ensure systems are secure from this vulnerability.

What do I need to do?

If you don’t manage website integrations for your business, we strongly encourage you to work with your website service partner (developer, hosting company or e-commerce platform, etc.) and share the Merchant Response Guide, which provides the basic guidelines on how to update to Transport Layer Security (TLS). If your website service has questions or need support, advise them to contact our Merchant Technical Support.

Thank you for your prompt attention to move this issue and understanding of our approach. Though we recognize this necessary step may cause compatibility issues, we can’t stress enough that this short-term inconvenience is heavily outweighed by our joint promise to our respective customers that we will keep their accounts and financial details safe. We plan to keep our customers up to date on how we are addressing this issue via the appropriate channels, including PayPal Forward, our Twitter handle, Customer Service and for merchants, through our Merchant Services team.

For technical assistance, please call 855-489-0342.
Please advise...Thank You
Photo of S

S

  • 6,760 Points 5k badge 2x thumb

Posted 5 years ago

  • 0
  • 1
Photo of Drew N

Drew N, Alum

  • 262,816 Points 100k badge 2x thumb
Hi S.

Bigcommerce has addressed all concerns about this and are currently engaged with Paypal in re-testing the site.

Drew
Photo of S

S

  • 6,760 Points 5k badge 2x thumb
Thanks for the update Drew! :)

I trust based on the comment there will be no action required on our part?
Photo of Drew N

Drew N, Alum

  • 262,816 Points 100k badge 2x thumb
Correct. If ever something is required of you, then either we or Paypal will tell you specifically what that is.

Drew
Photo of S

S

  • 6,760 Points 5k badge 2x thumb
TY!
Photo of Drew N

Drew N, Alum

  • 262,816 Points 100k badge 2x thumb
You're welcome

This conversation is no longer open for comments or replies.