PayPal are making important changes to the way their payment systems communicate with e-commerce websites, to make them more secure. Following the discovery of the POODLE vulnerability earlier this year, PayPal are taking action to stop SSLv3 connections to their systems. This is happening in two phases – the first one is today (3 December 2014) and the second one is currently scheduled to be on 12 January 2015.
These changes could affect your website’s abilities to take payments through PayPal. Whilst only some sites – using particular types of e-commerce software and/or running on particular server setups – could be affected, we advise that you refer to the documentation that PayPal have provided, so you can work out whether or not there will be an issue with your particular setup. You may also wish to carry out a test transaction on your website after each stage of changes.
If you find that your website is affected by the changes, then PayPal have provided links to support for many of the main e-commerce software platforms. Or, get in touch with us and we will be able to advise you.
- Here’s the main announcement from PayPal.
- Here’s all the technical information.