I just received an email from our friends at Paypal saying that they will be updating the payflow gateway and will no longer support TLS 1.0 after June 30 of this year (2017).
Has anyone else received this notice?
A year or two ago, Paypal announced this and then backed away from it. Thankfully, they did, because we know (at least at our site) that Ecommerce will not work (all transactions get voided) without TLS 1.0. At that time, I submitted a call to III to update their software, but I have no idea what happened to it.
The questions I have for the group are: does anyone know about TLS and Ecommerce? and
What are others planning to do regarding this announcement from paypal (assuming that Ecommerce will no longer work)?
here is the body of the email I received in case you were interested:
Payflow integration upgrade information.
Security and safety are top priorities for PayPal, but being a good partner to you is equally important. We announced last year our plans to strengthen our Payflow integration as part of a broader infrastructure security initiative. We’re now sharing more details with you.
Payflow TLS 1.2 endpoint upgrade
Payflow production endpoints are scheduled to be upgraded to TLS 1.2 starting after June 30, 2017. When that happens, we’ll no longer support TLS versions 1.0 and 1.1.
In preparation for the upgrade, you’ll be able to test your integration in the Payflow Pilot environment after February 15, 2017. We strongly encourage you to adjust your configuration and test your integration prior to the Payflow Production upgrade currently scheduled starting after June 30, 2017.
For more information on the Payflow TLS 1.2 upgrade, you can refer to our TLS 1.2 and HTTP/1.1 Upgrade Microsite.
Scheduled change dates provided in this email and on the TLS 1.2 and HTTP/1.1 Upgrade Microsite are subject to change. Please monitor our TLS 1.2 and HTTP/1.1 Upgrade Microsite for the most up-to-date information.
Frequently asked questions
How do I make these changes?
The details on the required changes and how to implement them can be found on our TLS 1.2 and HTTP/1.1 Upgrade Microsite.
What will happen if I don’t make the changes by the due date?
If you haven’t made the necessary changes by the deadline dates, you won’t be able to process payments through the Payflow Gateway. We strongly encourage you to adjust your configuration and test your integration after February 15, 2017 once the Payflow Pilot environment has completed the TLS 1.2 upgrade.
What can I do if I need help with all this information?
We encourage you to contact your web hosting company, e-commerce software provider, in-house web programmer, or system administrator for assistance with these changes, if needed. If not supported, click Help & Contact on any PayPal page or visit the Technical Support Portal to submit a ticket. Select Security Changes (TLS/Certificate) from the Product drop-down menu.
As a leading payment provider, we’re committed to continually investing and innovating to deliver to customers the strongest protection possible. Thank you for your support of our commitment to maintain the highest security standards for our global customers.
Was this email helpful? Please click here to let us know how we're doing at keeping you informed.