You May NOT be able to receive payments through your website using Paypal by 17 June 2016
To avoid service interruptions, please ensure that your systems are SHA-256 compatible SSL CERTIFICATE by 17 June 2016.
To continue to use Paypal IPN services, this upgrade is required. Paypal IPN is an Instant Payment Notification (IPN) message service that notifies you of events related to PayPal transactions. In esssence within our HBCommerce system and other ecommerce system, you will receive notification of payment from your orders placed on the website, however, without a SHA-256 SSL Certificate installed at your domain, these service will be interrupted on June 17 and cease by September 2016.DON'T WAIT!! PREPARE NOW TO AVOID LOSING SALES. SSL SHA-256 IS REQUIRED TO ACCEPT PAYMENT ONLINE USING PAYPAL.
IT IS NOW REQUIRED BY PAYPAL FOR YOU HAVE A SHA-256 compatible SSL CERTIFICATE INSTALLED AT YOUR DOMAIN.
IMPORTANT NOTIFICATION DIRECTLY FROM PAYPAL
At PayPal, security and safety are our top priorities and, as a result, we’re implementing a series of security upgrades throughout 2016 and 2017. To comply with industry standards, we need to move our endpoints to stronger encryption known as SHA-256 by 30 September 2016.
In preparation for our transition to SHA-256, we'll be undertaking critical testing between 17 June and 29 September 2016. During this period, if your systems aren’t SHA-256 compatible, your business’ ability to accept payments with PayPal may be temporarily impacted. We strongly recommend that your systems are compatible with SHA-256 by 17 June to ensure that your business isn’t interrupted. If your systems aren’t SHA-256 compatible by the full cutover on 30 September, your business will be unable to accept payments with PayPal until changes are made. For more details about our transition to SHA-256, please go to 2016-2017 Merchant Security Roadmap Microsite.
At PayPal, we’re committed to delivering the highest level of security available for our customers. Compatibility with SHA-256 will help strengthen your protection and ensure that your business systems are up to date with the latest security measures. Thank you for your continued support and for helping us maintain these standards for all our customers.
What is the purpose of the testing?
The purpose of this testing is to help us identify, with certainty, those customers who will be impacted by the full cutover to SHA-256. As part of our commitment to our customers, we'll immediately notify impacted customers so that we can better prepare them for the full cutover on 30 September.
How do I ensure that my business won't be impacted by the testing?
If your systems aren’t currently SHA-256 compatible, the details about the required changes and how to action them can be found on our 2016-2017 Merchant Security Roadmap Microsite.
If you're not sure whether your systems are SHA-256 compatible, we recommend that you speak with your web hosting company, e-commerce software provider, in-house web programmer or system administrator. They can assist you in making the required changes before the testing.
When will testing occur?
For a complete list of testing dates and times, please visit our SSL Certificate Upgrade Testing Schedule.
Was this answer helpful?
To meet the new PCI Security Standard (PCI DSS) required by all websites that hold payment data,...
Password Selection It is important to have a password that is easy to remember, but hard to...
Browser hijacking is one of the web's constant dangers. Whether it arrives in the form of a...
SSL (secure socket layers) encrypts information as it is transferred across the internet. Shared...
To report any abusive site or activity, please email email@example.com and our security team...