Feb 2017
4 / 6
Jun 2018
Jun 2018
anthonyk
Feb '17

Got this message from PP today. Since e-junkie is the only shopping cart I have connected to my PP account, I'm assuming this message probably relates to that, but am not entirely sure. There appears to be one item that still needs an update. Curious if this is something I need to do or if this is something that e-junkie is working on.



There are four remaining areas that our security upgrades will impact and we’ve identified the areas that need your attention. The chart below shows whether you’ll need to make changes, or if your business is already compliant or doesn’t use that functionality:



TLS 1.2 and HTTP/1.1 Upgrade – Complete by June 30, 2017

Update Needed: Yes



IPN Verification Postback to HTTPS – Complete by June 30, 2017

Update Needed: No



Discontinue Use of GET Method for Classic NVP/SOAP API’s – Complete by June 30, 2017

Update Needed: No



Merchant API Certificate Credentials Upgrade – Complete by January 1, 2018

Please note that this may be completed earlier based on the expiration date of your certificate

Update Needed: No

  • created

    Feb '17

  • last reply

    Jun '18
  • 5

    replies

  • 2.1k

    views

  • 5

    users

  • 1

    like

  • 1

    link

E-junkie_GuruWebmaster & Support Guru
Feb '17

Rest assured we take care of backend payment processor integration details like this for you, and we are already fully compliant with all requirements listed above. We suspect "identified the areas that need your attention" means they know your site URL and thus may have tested against your own site domain rather than ours, under the mistaken presumption you're running an ecommerce software package installed on your own server.

E-junkie_GuruWebmaster & Support Guru
Feb '17

Rest assured we take care of backend payment processor integration details like this for you, and we are already fully compliant with all requirements listed in PayPal's latest batch of "identified the areas that need your attention" notifications regarding an update for TLS 1.2 and HTTP/1.1. We suspect PayPal is sending these because they know your site URL and thus may have tested against your own site domain rather than ours, under the mistaken presumption you're running an ecommerce software package installed on your own server, rather than using a centrally-managed ecommerce service like E-junkie.

1 year later
jwbennett1
Jun '18

Thanks for the information. i just sent and email to support to ask the same question and just found this thread. Glad to hear it is already under control. Thanks E-junkie

16 days later
gcrabe
Jun '18
E-junkie_Guru

I am in the same boat. I have now received a final notice (by snail mail!) from PayPal telling me that I have until June 30th to fix the "problems", if not, I will be unable to accept payments. e-junkie is the only e-commerce site I am using. My hosting service assures me they are compliant, so I don't know where else to look! Help!!!

Geneviève
Amaryllis Creations

E-junkie_MonsterSupport Monster
Jun '18

Hi Geneviève,

Sorry for the worry, we are definitely in compliance with PayPal's requirements and we've double checked that with them, so you don't need to make any changes. Your E-junkie buttons will keep working through the deadline.

Some of the letters PayPal sent out refer to a server that was using the older TLS 1.0 protocol, that was found and fixed on June 5th and they've confirmed that there have been no issues since.