Phoenix - Your AI AssistantImplementing PayPal security changes as well as Magento Patch for WS-I Compliance
- Posted:
- Proposals: 12
- Remote
- #1143526
- Completed
Sittingbourne 
Description
Experience Level: Expert
General information for the website: Implementaton of Magento/PayPal changes
Description of requirements/features: Please read both extracts carefully:
PayPal:
We recently announced several security upgrades planned for this year, some of which will require you to make changes to your integration. You’re receiving this email because we’ve identified areas of your integration that may need to be upgraded.
What do I need to do to as a merchant? We’ve outlined the steps to take to ensure your integration is up to date. We’re letting you know about these changes now because we don’t want you to experience a disruption of service when they go into effect.
Step 1: Consult with someone who understands your integration. We encourage you to consult with the parties that set up your integration, which could be a consultant or third party shopping cart. You may also need to find someone who can assist with making your integration changes.
Step 2: Understand how these changes affect your integration. Based on our records, we’ve identified areas that require your attention. It’s not a complete list, but does provide changes we feel you need to make to be ready for the security upgrades.
· If the chart shows “Yes”, it means our records indicate that you may require changes to be compatible with that security upgrade.
· If you see a “No,” that means our data shows that you are already compliant or do not use that functionality.
We want to call out that the information provided in this email may not reflect all the changes you need to make. Please assess your integration with the emphasis being on the items we’ve identified below:
Change
Do I need to make a change?
SSL Certificate Upgrade to SHA-256
No
TLS 1.2 and HTTP/1.1 Upgrade
Yes
IPN Verification Postback to HTTPS
No
IP Address Update for PayPal Secure FTP Servers
No
Merchant API Certificate Credential Upgrade
No
Discontinue Use of GET Method for Classic NVP/SOAP APIs
No
Step 3: Get the technical details on these changes. Detailed information of each of the changes and a location to test your integration are available on our 2016 Merchant Security Roadmap Microsite. Select the hyperlinks in the chart for information about specific change events.
Step 4: Make the appropriate changes by each “Act by” date*. It’s important to have your changes in place by the “Act by” date for each change event.
Step 5: Future-proof your integration. We recommend that you go through the “Best Practices section on our 2016 Merchant Security Roadmap Microsite.
Why is PayPal making these changes?
Protecting customer information is PayPal’s top priority. We support industry standards, such as crypto-industry’s mandate to upgrade SSL certificates to SHA-256, and Payment Card Industry (PCI) Council’s TLS 1.2 mandate. We also surpass those standards by investing and building some of the finest protection available. By addressing these changes this year, we believe it helps future-proof your integration and reduce the need to invest in changing your integration in the near future.
Magento:
We recently announced changes that we are undertaking to ensure that Linnworks is able to support both Magento 1.X and Magento 2.0. As part of this undertaking we have rewritten the infrastructure for both Order and Inventory management in relation to both versions of Magento.
This will allow Linnworks to communicate through a set of common methods and take advantage of the enhanced synchronisation and logging methodology that has already been implemented as part of Linnworks.net.
To ensure your system is optimised and in a position to be able to take advantage of this enhanced functionality along with being ready to work with Magento 2.0, we have performed analysis relating to the methods that your current Magento system supports. This analysis has highlighted the following required update for your existing Magento environment.
Your Magento environment needs to be set up with WS-I Compliance.
The steps involved in making this update are as follows.
Login to Magento back end
Go to Magento System > Configuration > Services > Magento Core API > General Settings
Tick the option 'WS-I Compliance'
It is also strongly advisable to enable WSDL cache, as this may improve performance significantly
If any assistance is required to make these updates we advise that you contact the Magento developers who either installed or maintain your Magento environment.
If you are using Magento version 1.9 or higher, it is required that the following patches are installed: SUPEE-3762, SUPEE-3941 and SUPEE-1533. Patches can be downloaded here: https://www.magentocommerce.com/download
Extra notes:
Description of requirements/features: Please read both extracts carefully:
PayPal:
We recently announced several security upgrades planned for this year, some of which will require you to make changes to your integration. You’re receiving this email because we’ve identified areas of your integration that may need to be upgraded.
What do I need to do to as a merchant? We’ve outlined the steps to take to ensure your integration is up to date. We’re letting you know about these changes now because we don’t want you to experience a disruption of service when they go into effect.
Step 1: Consult with someone who understands your integration. We encourage you to consult with the parties that set up your integration, which could be a consultant or third party shopping cart. You may also need to find someone who can assist with making your integration changes.
Step 2: Understand how these changes affect your integration. Based on our records, we’ve identified areas that require your attention. It’s not a complete list, but does provide changes we feel you need to make to be ready for the security upgrades.
· If the chart shows “Yes”, it means our records indicate that you may require changes to be compatible with that security upgrade.
· If you see a “No,” that means our data shows that you are already compliant or do not use that functionality.
We want to call out that the information provided in this email may not reflect all the changes you need to make. Please assess your integration with the emphasis being on the items we’ve identified below:
Change
Do I need to make a change?
SSL Certificate Upgrade to SHA-256
No
TLS 1.2 and HTTP/1.1 Upgrade
Yes
IPN Verification Postback to HTTPS
No
IP Address Update for PayPal Secure FTP Servers
No
Merchant API Certificate Credential Upgrade
No
Discontinue Use of GET Method for Classic NVP/SOAP APIs
No
Step 3: Get the technical details on these changes. Detailed information of each of the changes and a location to test your integration are available on our 2016 Merchant Security Roadmap Microsite. Select the hyperlinks in the chart for information about specific change events.
Step 4: Make the appropriate changes by each “Act by” date*. It’s important to have your changes in place by the “Act by” date for each change event.
Step 5: Future-proof your integration. We recommend that you go through the “Best Practices section on our 2016 Merchant Security Roadmap Microsite.
Why is PayPal making these changes?
Protecting customer information is PayPal’s top priority. We support industry standards, such as crypto-industry’s mandate to upgrade SSL certificates to SHA-256, and Payment Card Industry (PCI) Council’s TLS 1.2 mandate. We also surpass those standards by investing and building some of the finest protection available. By addressing these changes this year, we believe it helps future-proof your integration and reduce the need to invest in changing your integration in the near future.
Magento:
We recently announced changes that we are undertaking to ensure that Linnworks is able to support both Magento 1.X and Magento 2.0. As part of this undertaking we have rewritten the infrastructure for both Order and Inventory management in relation to both versions of Magento.
This will allow Linnworks to communicate through a set of common methods and take advantage of the enhanced synchronisation and logging methodology that has already been implemented as part of Linnworks.net.
To ensure your system is optimised and in a position to be able to take advantage of this enhanced functionality along with being ready to work with Magento 2.0, we have performed analysis relating to the methods that your current Magento system supports. This analysis has highlighted the following required update for your existing Magento environment.
Your Magento environment needs to be set up with WS-I Compliance.
The steps involved in making this update are as follows.
Login to Magento back end
Go to Magento System > Configuration > Services > Magento Core API > General Settings
Tick the option 'WS-I Compliance'
It is also strongly advisable to enable WSDL cache, as this may improve performance significantly
If any assistance is required to make these updates we advise that you contact the Magento developers who either installed or maintain your Magento environment.
If you are using Magento version 1.9 or higher, it is required that the following patches are installed: SUPEE-3762, SUPEE-3941 and SUPEE-1533. Patches can be downloaded here: https://www.magentocommerce.com/download
Extra notes:
New Proposal
Login to your account and send a proposal now to get this project.
Log inClarification Board Ask a Question
-
There are no clarification messages.