PayPal Security Updates

Hello,

Does anyone know if OJS 2.4.8.x’s PayPal module is compliant with this notice we received from PayPal?

At PayPal, one of our top priorities is to ensure our customers and yours have a safe, secure experience when managing and moving money online or on a mobile device. We are committed to providing the highest level of security to protect customer and transactional data and have been upgrading our systems to ensure we are processing on the latest and most secure protocols. This year, we are requiring all of our merchants to implement some important security upgrades, as well.

Our records indicate that you still need to make some critical security upgrades to your systems as well. If you see a “YES” next to a security change, your integration must be updated to accept these new security measures by the date specified:

• TLS 1.2 and HTTP/1.1 Upgrade - Complete by June 2018

  • Update Needed: Yes

• IPN Verification Postback to HTTPS - Complete by June 2018

  • Update Needed: No

• Discontinue Use of GET Method for Classic NVP/SOAP API’s - Complete by June 2018

  • Update Needed: No

• Merchant API Certificate Credentials Upgrade - Complete by September 2018
  (Please note that this may be completed earlier based on the expiration date of your certificate.)

  • Update Needed: No

Thanks,
Rich D.

Hi @radjr,

As far as I’m aware none of this will affect OJS’s PayPal implementation. If you have an old PHP and/or SSL library, you may need to upgrade those.

Regards,
Alec Smecher
Public Knowledge Project Team

Hi,

We’re working with a society journal whose PayPal plug-in feature in OJS 2.4.8 is not working due to PayPal’s new security measures. The change is effective this week. Our host server will need to implement a server upgrade to support TLS 1.2 and HTTP/1.1.

I hope we won’t have similar issues when we upgrade to OJS 3.x. Is anyone using OJS 3.x with the PayPal plug-in having similar problems with PayPal’s new security measures?

Thanks,
Suzanne S.

Hi @sstapleton,

TLS and HTTP are supported by the underlying platform (PHP, libssl, etc) and are below the level of OJS’s code. There should be no changes needed to OJS itself.

Regards,
Alec Smecher
Public Knowledge Project Team
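
Since TLS 1.2 support comes from PHP, OpenSSL and cURL rather than from OJS, it can be checked on the server directly. The script below is an added example, not code from this thread or from OJS; the function name `tls12_findings` and the old-stack sample values are constructed, and it assumes outbound HTTPS goes through PHP's openssl streams or cURL.

```php
<?php
// Added example (not OJS code): local check for the notice's "TLS 1.2 and
// HTTP/1.1" item. It reads library versions only and opens no connection.
// libcurl speaks HTTP/1.1 by default, so the TLS library is the usual blocker.

// $opensslNumber: OPENSSL_VERSION_NUMBER of PHP's openssl extension (0 if absent)
// $transports:    result of stream_get_transports()
// $curlVersion:   curl_version()['version'], '' if cURL is absent
// $curlSsl:       curl_version()['ssl_version'], e.g. "OpenSSL/1.0.2k"
function tls12_findings($opensslNumber, array $transports, $curlVersion, $curlSsl)
{
    $findings = array();
    // TLS 1.2 was introduced in OpenSSL 1.0.1 (version number 0x1000100f).
    if ($opensslNumber < 0x10001000) {
        $findings[] = 'openssl extension missing or linked against OpenSSL < 1.0.1';
    }
    // PHP registers an explicit tlsv1.2 stream transport from 5.6 onwards.
    if (!in_array('tlsv1.2', $transports, true)) {
        $findings[] = 'no tlsv1.2 stream transport (PHP < 5.6 or openssl missing)';
    }
    // libcurl gained the CURL_SSLVERSION_TLSv1_2 option in 7.34.0.
    if ($curlVersion === '' || version_compare($curlVersion, '7.34.0', '<')) {
        $findings[] = 'cURL missing or older than 7.34.0';
    }
    // When cURL is built on OpenSSL, that build must also be >= 1.0.1.
    // Other backends (NSS, GnuTLS, LibreSSL) are not evaluated here.
    if (preg_match('~^OpenSSL/(\d+\.\d+\.\d+)~', $curlSsl, $m)
        && version_compare($m[1], '1.0.1', '<')) {
        $findings[] = "cURL is built against OpenSSL {$m[1]}";
    }
    return $findings;
}

// Constructed sample: an old stack (OpenSSL 0.9.8e, curl 7.15.5, PHP < 5.6).
$old = tls12_findings(0x0090805f, array('tcp', 'udp', 'ssl', 'tls'),
                      '7.15.5', 'OpenSSL/0.9.8e');
echo "Constructed old stack:\n  - " . implode("\n  - ", $old) . "\n";

// The runtime executing this script.
$curl = function_exists('curl_version')
    ? curl_version() : array('version' => '', 'ssl_version' => '');
$live = tls12_findings(
    defined('OPENSSL_VERSION_NUMBER') ? OPENSSL_VERSION_NUMBER : 0,
    stream_get_transports(), $curl['version'], $curl['ssl_version']
);
echo $live ? "This runtime:\n  - " . implode("\n  - ", $live) . "\n"
           : "This runtime: no TLS 1.2 blockers found in library versions.\n";
```

Version numbers are a heuristic, since distribution packages can carry backported changes; treat a finding as a prompt to test the payment flow after upgrading, and run the script under the same PHP binary the web server uses.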