"REQUIRED to avoid service interruption you need to complete important security upgrades"

69Michi
Contributor
Contributor

Hello, I received an email from paypal reminding me that I need to complete some important security upgrades. Specifically, the email asks me to do "TLS 1.2 and HTTP/1.1 Upgrade." The consequence of unable to do this by a specific date is that I won't be able to accept payment from my Paypal anymore. But as I read through everything and even tried to google, it seems like I only need to do this upgrade if I own a website that use Paypal as payment portal? (All the terms sound very technical, I couldn't quite understand everything) I do not have any website and my Paypal is a personal Paypal, not a business one. I just want to confirm if this email really is addressing me and if I need to do any update to my account. Thank you.

Login to Me Too
24 REPLIES 24
Solved

Preston_PP
PayPal Employee
PayPal Employee

The email is from PayPal, and should have included a link to the microsite www.paypal-notice.com , which has full details


Here is a PayPal article that talks about content being put there: https://www.paypal.com/us/selfhelp/article/our-tech-support-content-has-moved!-ts2171

Login to Me Too

Patricia333
New Community Member

I too, received a message from (supposedly) paypal in reference to "TLS 1.2 and HTTP/1.1 Upgrade - Complete by June 2018
-
Update Needed: Yes
...however, my security system Avira blocks this site as malware/phishing.  Also, on my paypal account, I have no notification of any such upgrade.

I find no explanation in my account settings as to what this upgrade is or what it is for.  Haven't a clue.

Can anyone advise if this is indeed a malware/phishing fake email from Paypal or not?

 

Thank you.

 

Patricia333

 

Login to Me Too

Chicago48
Contributor
Contributor

I got this email from PP 2X's and I'm confused about what I'm supposed to do.  Everytime I go to the site it suggests, I am more confused about what to do?

 

Our records indicate that you still need to make critical security upgrades to your systems. If you see a “YES” next to a security change, your integration must be updated to accept these new security measures as soon as possible.

 

Change Change Required?

Merchant API Certificate Credential UpgradeNo
TLS 1.2 and HTTP/1.1 UpgradeNo
IPN Verification Postback to HTTPSYes
Discontinue Use of GET Method of Classic NVP/SOAPNo
Login to Me Too

jptonic
Contributor
Contributor

Guys,

 

We don't need or use IPN and I have turned it off via profile > profile & settings > my selling tools > Instant payment notifications > update > choose IPN settings  but we STILL get the daily email message with the subject "PayPal Instant Payment Notification Warning" .  We don't use IPN and we never have.  How the heck do I put an end to these notifications.

 

Another issues that is weird is that it's looking for a path that's not been created. Why would the system look for this all of a sudden?

The email warning started 4 or 5 days ago.

 

It's very strange.

 

Here's the path.

 

http://ourwebsitedomain.com/paypal/paypalScript.php

Why would PP look for this specifc IPN script that we never created in the first place?

 

 

 

itsoff.png

 

Have I missed something?  Why won't PP stop bugging me?

Login to Me Too

Rick357
Contributor
Contributor

Well, I can not check the information, as everytime I receive the email, Avast blocks it as a dangerous site. This is the third email I receive from them. I pay attention to it, because I am addressed by name and not like "Dear User" or anything like that which scammers do.

 

 

PayPal_email.pngPayPal_site.png

Login to Me Too

Haven't Found your Answer?

It happens. Hit the "Login to Ask the community" button to create a question for the PayPal community.