s
Contact Login Register
h M

Data Springs Modules Community Questions & Answers

PayPal Merchant Security Upgrades - require action?

My site uses Dynamic Forms 5.10 to connect to PayPal to take money. PayPal has sent me the email below that implies that my website will need to be changed due to their planned security upgrades. Since Dynamic Forms is handling the interaction with PayPal, not me. I need to know if Dynamic Forms needs any changes because of PayPal changes. And if simply upgrading to DF 6 or 6.10 would take care of the need.

 

 

PayPal

 

 

2016 merchant security upgrades

We recently announced several security upgrades planned for this year, some of which may require you to make changes to your integration. You’re receiving this email because we’ve identified areas of your integration that may need to be upgraded.

What you’re about to read is very technical in nature – we understand that. Please contact the parties responsible for your PayPal integration, or your third party vendor (for example, shopping cart provider, and so on) to review this email. They’re best positioned to help you make the changes outlined in this email and in the 2016 Merchant Security Roadmap Microsite.

What do I need to do to as a merchant?

We’ve outlined the steps to take to ensure your integration is up to date. We’re letting you know about these changes now because we don’t want you to experience a disruption of service when they go into effect.

Step 1: Consult with someone who understands your integration. We encourage you to consult with the parties that set up your integration, which could be a consultant or third party shopping cart. You may also need to find someone who can assist with making your integration changes.

Step 2: Understand how these changes affect your integration. Based on our records, we’ve identified areas that require your attention. It’s not a complete list, but does provide changes we feel you need to make to be ready for the security upgrades.

  • If the chart shows “Yes”, it means our records indicate that you may require changes to be compatible with that security upgrade.
  • If you see a “No,” that means our data shows that you are already compliant or do not use that functionality.

We want to call out that the information provided in this email may not reflect all the changes you need to make. Please assess your integration with the emphasis being on the items we’ve identified below:

Change

Do I need to make a change?

SSL Certificate Upgrade to SHA-256

Yes

TLS 1.2 and HTTP/1.1 Upgrade

Yes

IPN Verification Postback to HTTPS

No

IP Address Update for PayPal Secure FTP Servers

No

Merchant API Certificate Credential Upgrade

No

Discontinue Use of GET Method for Classic NVP/SOAP APIs

No

Step 3: Get the technical details on these changes. Detailed information of each of the changes and a location to test your integration are available on our 2016 Merchant Security Roadmap Microsite. Select the hyperlinks in the chart for information about specific change events.

Step 4: Make the appropriate changes by each “Act by” date*. It’s important to have your changes in place by the “Act by” date for each change event.

Step 5: Future-proof your integration. We recommend that you go through the “Best Practices section on our 2016 Merchant Security Roadmap Microsite.

Why is PayPal making these changes?

Protecting customer information is PayPal’s top priority. We support industry standards, such as crypto-industry’s mandate to upgrade SSL certificates to SHA-256, and Payment Card Industry (PCI) Council’s TLS 1.2 mandate. We also surpass those standards by investing and building some of the finest protection available. By addressing these changes this year, we believe it helps future-proof your integration and reduce the need to invest in changing your integration in the near future.

If you have any questions, visit our Help Center by clicking Help on any PayPal page. If you require further assistance, please call us at (866) 445-3186.

Thank you for your support of our commitment to maintain the highest security standards for all of our global customers.

*Scheduled change dates, including “Act by” dates, provided in this email and the PayPal 2016 Merchant Security Roadmap are subject to change. You’ll be notified immediately of any changes to these plans.

Was this email helpful? Please click here to let us know how we're doing at keeping you informed.

Please do not reply to this email. We're unable to respond to inquiries sent to this address. For immediate answers to your questions, visit our Help Center by clicking Help on any PayPal page.

© 2016 PayPal Inc. All rights reserved. PayPal is located at 2211 N. First St., San Jose, CA 95131.

asked 3/17/2016
Mark Buelsing159
Mark Buelsing

3 Answers

Many citizens over the internet are provided that the online employment. I will just utter the customessayorder as this is not complicated with people find it easy in liability of these. Many of them are require the PayPal like the books as well as these are too complicated in manufacture of these.
answered 9/8/2019 Nash 2
Nash

I am also having the same issue. Currently, my Dynamic Forms is version 6.10. I am able to submit and navigate to Paypal sandbox, but when I go through a success process or cancel and return to my site. I would get hung at the Paypal page. After debugging on what is causing this, I remote to IIS server and notice that whenever I do a transaction, it would cause .Net Runtime error, w3wp.exe crashed, and clr.dll. If I exit out of this error, I would be out of the Paypal page and be redirected to my site, but it shows the page is not there and the services of the page are not found. It also stops my application pool. I need to find an urgent fixed or patch for this.

answered 9/9/2016 Nguyen 5
Nguyen

Update, I had a new website that needed a form with PayPal interaction and there was trouble getting it to work. It was recommended that I get a SSL certificate for the site, which I did. And Chad at DataSprings also accessed the situation and created a patch which resolved a connection issue with PayPal Sandbox's increased security model as described in this thread.

answered 4/26/2016 Mark Buelsing 159
Mark Buelsing

Your Answer

In order to provide an answer to this question, you must Login

I am flagging this question because...

10 inform moderator flags remaining

I am deleting this question because...

I am flagging this answer because...

10 inform moderator flags remaining

Flagging a Post

You have already flagged this post. Clicking "Remove Flag" below will remove your flag, thus reducing the count by one as well.

I am deleting this answer because...

Looking for a DNN Module?

If you’ve used Data Springs modules before, you know how easy they are to install and use. We have built each individual module in our collection with integration in mind, so when you opt for Collection 7.0 you’ll be able to install our entire toolbox quickly and start putting it to work for your business today.Yes, in the blink of an eye you will arrive on the scene like a Superhero!

Data Springs has long been recognized as a leader in the DotNetNuke (DNN) community through hard work, integrity, and commitment. We’ve helped thousands of people POWER UP their website and our Collection 7.0 will do the same for you.

You deserve more than just an average website. You deserve a MACHINE!

Enter your email below AND grab your spot in our big giveaway!

The winner will receive the entire Data Springs Collection 7.0 - Designed to get your website up and running like a DNN superhero (spandex not included).

Subscribe