Paypal Security Upgrade will render paypal buttons on sitebuilder non-compliant and they will no longer work

  • 0
  • 1
  • Problem
  • Updated 2 weeks ago
  • In Progress
Archived and Closed

This conversation is no longer open for comments or replies and is no longer visible to community members. The community moderator provided the following reason for archiving: Archived

We received the message below from Paypal.  Our homestead site built with SiteBuilder and relies on paypal buttons from that site.  This looks like it will be a serious issue unless we become compliant by 6/30.  help!

Paypal Customer,

Every day, hundreds of millions of people use PayPal to manage and move money online or on a mobile device. That is why one of our top priorities is to ensure both our customers and your customers have a safe, secure experience when transacting with PayPal. We are committed to providing the highest level of security to protect customer and transactional data and have been upgrading our systems to ensure we are processing on the latest and most secure protocols.  One of those security protocol upgrades, in line with the Payment Card Industry (PCI) DSS mandate, is to the Transport Layer Security (TLS) cryptographic protocol, which requires TLS 1.2, no later than June 30, 2018.

Our records indicate your current PayPal integration is utilizing a version that is less than TLS 1.2.  With the deadline for this security upgrade currently set at June 30, 2018, you will need to act immediately to upgrade your PayPal integration(s) to utilize TLS 1.2 cryptographic protocol PRIOR to this date.

Failure to upgrade your integration by June 30, 2018 will lead to an inability to connect to PayPal for processing customer transactions.  For further information on the TLS 1.2 upgrade, please bookmark the TLS 1.2 Upgrade Microsite page and visit frequently to ensure you are armed with the most current information.  You will also find information on the other merchant security upgrades on the 2017-2018 Merchant Security Microsite page.

Please note, over the next few months, PayPal will conduct several rounds of testing to emulate the upgraded security experience so merchants can understand the areas of their integration that still requiring security protocol upgrades.  If you have already made the required upgrades as outlined on the 2017-2018 Merchant Security Microsite, your PayPal integrations will not be impacted.  If you have not made the required upgrades, we encourage you to do so as soon as possible to avoid service interruption that may occur during our security upgrade testing activities.

Dates for these tests and full deployment will be published on our Merchant Security Upgrade Testing page at least two weeks prior to implementation so please bookmark and return frequently for the most up to date information.

Thank you for using PayPal and for your support in providing the most secure payment experience for our shared global customers.
Photo of Thomas9351

Thomas9351

  • 464 Points 250 badge 2x thumb
  • a bit frightened

Posted 1 month ago

  • 0
  • 1
Photo of Drew N

Drew N, Community Manager

  • 251,594 Points 100k badge 2x thumb
Our engineers have been working on this and are expected to be ready for the deadline.
Photo of david2953

david2953

  • 6,370 Points 5k badge 2x thumb
Drew...does your response imply that all Homestead sites will be https compliant without having to subscribe to a third parties services?
Photo of Drew N

Drew N, Community Manager

  • 251,564 Points 100k badge 2x thumb
No, this is a separate issue. PCI compliance relates primarily to ecommerce functions and the communications from our checkout pages to the processor.
Photo of Thomas9351

Thomas9351

  • 464 Points 250 badge 2x thumb
Hi Drew - Are we still on track with this?. Thank you.
Photo of Drew N

Drew N, Community Manager

  • 251,564 Points 100k badge 2x thumb
I am told we are, yes.

This conversation is no longer open for comments or replies.