Merchant Security Upgrade - What do I need to do?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I have received notice that I am not compliant with the new Merchant Security Upgrade requirements. However, I am a bit confused on wht I actually need to do. All the documentation I am reading is mostly about APIs. I am simply using a "buy now" button - the actions is using HTTPS. I do use the IPN, but all my postbacks are using HTTPS.
I have been testing with the sandbox successfully (https://www.sandbox.paypal.com/cgi-bin/webscr) - and the docs I read said that the sandbox is using the new security upgrade. I am assuming that my sandbox testing is working that I am compliant, but I got notifications that I am not.
What am I missing?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
This may help: If you are not hosting your own web site on your own servers, then this security update is basically not an issue for you assuming your web browser is running the latest version. This security update is not a PayPal thing, it's web wide.
Many web based services including PayPal are or have been updating their site security Transport Layer Security – or TLS – from TLS 1.0 to TLS 1.1. The Transport Layer Security (TLS) is a cryptographic protocol used to establish a secure communications channel between two systems. It is used to authenticate one or both systems, and protect the confidentiality and integrity of information that passes between systems including things as email, Internet faxing, and other data transfers. To ensure the security of your personal information, your web browser also needs to be compatible with the new protocol. Browsers that don’t support TLS v1.1 or v1.2 will not be able to view any site that has upgraded to TLS 1.1.
The following browsers support the security changes and no action is required on your part:
Internet Explorer 11 (Desktop & Mobile)
Internet Explorer 8,9,10 (Desktop – Compatible but not enabled by default)
Firefox 27 and higher
Google Chrome 38 and higher
Google Android 5.0 and higher
Safari 7 on OSX 10.9 (Mavericks) Desktop and higher
Safari 5 on iOS 5 Mobile and higher
Edge
The following operating systems are not compatible with TLS 1.1 or higher and it's recommended that you upgrade your operating system to a supported system:
Windows XP
Windows Vista
Server 2008
Server 2003
Notes:
* If you're currently using Internet Explorer 7 or earlier – You must upgrade your browser
* If you're currently using Google Chrome – You must have have Windows 7 or a newer operating system
* If you're currently using Firefox version 26 or earlier – You must have Windows XP Service Pack 2 or newer
* If you're currently using Safari – versions older than 7 on OSX 1.9 (Mavericks) – TLS 1.1 and TLS 1.2 are not supported, so you must use Google Chrome for MAC
Haven't Found your Answer?
It happens. Hit the "Login to Ask the community" button to create a question for the PayPal community.
- Need help to integrate Advanced Checkout (PPCP) With WHMCS in PayPal Upgrade Community
- Need Help Upgrading to PayPal complete payments in PayPal Upgrade Community
- new wordpress paypal plugin in PayPal Payments Standard
- How to change Continue Shopping button when shopping cart is empty? in PayPal Payments Standard
- Inquiry Related to Paypal API in REST APIs