PCI Compliance warning

Go to solution
DurgaTree
Contributor
Contributor
Posted on
‎Jul-24-2018 10:19 AM

Today we received a warning pop-ups when we logged in, saying that we are not PCI compliant with our Neon/Paypal integration. We immediately took the screenshot and reached out to our CRM system, Neon. However, from the Neon side they say they are fully compliant, that they support TLS 1.2, and do not understand why are getting the message.  The next time we logged in, the message isn't even there so we can't click through to get more info as they requested. Thoughts? Here is the image below:

paypal notice.jpg

 

 

 

Login to Me Too
Login to Reply or Kudo
1 ACCEPTED SOLUTION

Accepted Solutions
Solved

Go to solution
DanUKSW
Contributor
Contributor
‎Jul-25-2018 04:45 AM

OK, after finally getting though to a human it seems we are 100% using TLS 1.2 and that message is being shown across the board whether you are compliant or not...which is really useful for scaremongering.

View solution in original post

1 person found this solution to be helpful.
Login to Me Too
Login to Reply or Kudo
4 REPLIES 4

Go to solution
DanUKSW
Contributor
Contributor
‎Jul-25-2018 02:17 AM

Hi, same here although we thought we had it sorted.

 

A few weeks ago our account was suspended from withdrawing money as PayPal said we were using an older version of TLS than the 1.2 required. In a panic I managed to pay our cart developers to update our two shopping carts as they were allegedely using the older 1.0 protocol. Within the first couple of transactions since the update, the hold on our acocunt was lifted. This, coupled with the assurance form the developers that the traffic for payment is indeed over TLS 1.2, I assumed that was the matter 'sorted'.

 

Today I get the same message as you when logging into Paypal. This is obviously quite unsettling as I thought we had this fixed. I can't get hold of the devlopers quickly and I ahve about a week to sort this before I am away on vacation.

 

I wonder how one knows specifically which transactions PayPal are referring to as it doesn't quite make sense to what I experienced a few weeks ago with it seemingly fixed? Could that message we are seeing somehow be innacurate?

 

Thanks

 

Dan

Login to Me Too
Login to Reply or Kudo
Solved

Go to solution
DanUKSW
Contributor
Contributor
‎Jul-25-2018 04:45 AM

OK, after finally getting though to a human it seems we are 100% using TLS 1.2 and that message is being shown across the board whether you are compliant or not...which is really useful for scaremongering.

1 person found this solution to be helpful.
Login to Me Too
Login to Reply or Kudo

Go to solution
DurgaTree
Contributor
Contributor
‎Jul-26-2018 04:28 AM

I agree - I finally got the message to pop up again and went all the way through their "test your system" and it said my connection was fine. Paypal needs to do something on their end - they are scaring people with this  :o/

 

 

pci 7.jpg

 

 

 

Login to Me Too
Login to Reply or Kudo

Go to solution
Steve-Lands
New Community Member
‎Dec-08-2024 10:43 PM

I received an email from PayPal PCI Support <email address not allowed to be shown by PayPal>

entitled "Action required: validate your PCI compliance".

 

This seems redundant to me, as I know that PayPal is already PCI compliant.

 

Does anyone know whether or not this email is legitimate ? 

Login to Me Too
Login to Reply or Kudo

Haven't Found your Answer?

It happens. Hit the "Login to Ask the community" button to create a question for the PayPal community.