WebsiteBaker Support (2.8.x) > Bakery Shop

Paypal security update?

(1/3) > >>

N1kko:
Not sure if people are aware but paypal are having a security update early December and I see prestashop are having to update along with this. will bakery need a paypal update?

freeSbee:
Hi N1kko

Could you provide some more information on this? A link to the PayPal announcement would be very helpful.

Thanks and regards
Christoph

N1kko:
Hi,

Sorry meant to put link

http://www.prestashop.com/blog/en/security-alert-on-the-paypal-europe-module-action-required-by-december-3-2014/

instantflorian:
See also

https://ppmts.custhelp.com/app/answers/detail/a_id/1182

freeSbee:
POODLE SSL 3.0 Vulnerability

POODLE is an internet security vulnerability that impacts the Secure Sockets Layer (SSL) 3.0 protocol that was a widespread but 15-year-old security protocol. When exploited, this vulnerability enables cyber criminals to gain access to connections.

PayPal will completely disable SSL 3.0 support on December 3, 2014. This may cause compatibility problems for Bakery shops resulting in the inability to pay with PayPal.

Bakery uses PayPal PDT (Payment Data Transfer) and IPN (Instant Payment Notification) to verify PayPal transactions. Only PDT is ready to use the TLS protocol.

Therefore if a customer does not wait to be redirected back to the webshop upon payment completion (eg. closes the browser window), your Bakery shop will not be notified about the order. In this case IPN should make the notification in the background directly to the Bakery software.

Next version of Bakery - which is almost ready - will be using TLS instead of SSLv3 protocol for both PDT and IPN.

Regards Christoph

Navigation

[0] Message Index

[#] Next page