If you are using PayPal as a customer payment gateway, you need to be aware of some key dates that mark significant changes to PayPal’s security standards, or your service could be disrupted.
Could Your Ecommerce Store Get Shut Down?
Keep Your Guard Up
From the first quarter of 2014 to the last quarter of 2015, PayPal’s total net payment volume grew 66% from 53 billion to 81 billion U.S. dollars. On May 12th, 2016, the PayPal Developer blog was updated to reflect newly revised deadlines for making the site more secure. However, we know that as small business owners, you are busy running your business, and sometimes emails get deprioritized, buried, lost, or just plain forgotten. So, considering that some of these changes could completely shut the lights off on your web store, we believe it’s warranted to pause The Bachelorette for a moment and make sure you are aware of the upcoming security updates, mandated by PayPal.
SSL Certificate Mandate – SSL (Secure Socket Layer) is comprised of small data files that digitally bind a cryptographic key to an organization’s details as a way to guarantee that the site information is authenticated. The SSL Certificate works with TLS to provide a more secure data transfer process. Without these things in place, hackers can easily intercept data between computers. If you have an older SSL Certificate, PayPal will stop working for your customers on June 17, 2016.
TLS v1.2 Mandate – TLS (Transport Layer Security) is an encrypted protocol used to communicate data between client & server applications. The primary goal for TLS is to provide privacy and data integrity when sending data between computers. TLS v1.2 is the latest version of the protocol and some older server software, like Windows Server 2003, and Windows Server 2008 (version R1 or lower) do not support v1.2. Client must make updates by June 30, 2017.
For more information about all the PayPal updates occurring through 2017, go to the PayPal Developer blog and see the full list.