PayPal is reminding merchants that the deadline to upgrade to Transport Layer Security (TLS) 1.2 is quickly approaching.
On June 30, 2018, PayPal will require all merchants to upgrade their security protocols to TLS 1.2, in line with the requirements set by the Payment Card Industry (PCI) Council.
If merchants do not make the necessary updates by the June 30th deadline, they will no longer be able to accept PayPal payments until the upgrades are complete.
Why is PayPal Requiring Merchants to Upgrade to TLS 1.2?
PayPal says it is committed to providing the highest level of security to protect customers online and the payment processor works closely with the merchant community to help them do the same.
In the past, merchants and partners typically used HTTPS to securely connect with PayPal’s servers.
At PayPal, the company uses the TLS protocol to encrypt these communications, because it has been determined by the PCI Council and global security experts to be the best way to protect customer data online.
READ MORE: Hacked: PayPal’s Resolution Process
In order to protect the shared customer data from security and fraud-related issues, the company is requiring all merchants who process payments with PayPal to update to TLS 1.2 by June 30, 2018.
What Do Merchants Need to Do?
Merchants should verify whether their environment supports TLS 1.2 and, if necessary, make appropriate updates.
PayPal is ready to help. More information about the required changes, the impact of the changes, and how to implement them can be found on the company’s Merchant Security Microsite.
For merchants who need further assistance with the upgrades, they can visit PayPal’s Partner Directory for businesses that can help with these types of systems questions.
Online merchants may also check with their eCommerce software provider for help. Most likely all major cloud-based platforms are already using PCI compliant data transfers and there is very little that needs to be done from the merchant’s end.
But it is still a good idea to confirm with the cloud-based eCommerce service provider.
Online retailers that use open-source integrations may need to check on plug-ins or extensions that may be used for PayPal payment processing. Also, merchants using open-source platforms should contact their hosting provider for more information as well.
With only about two weeks left, now is the time for merchants to confirm that their platform is secure and able to comply with PayPal’s TLS 1.2 requirement.
If you like to comment on this story, please head over to our Facebook Discussion Group or use the comments section below.