How to Ensure Magento’s Compatibility with Latest PayPal Updates?

Business websites are unfortunately very prone to security issues and similarly the networks to which the servers are connected are also at a high risk. We all are aware of the fact that security is vital for any e-commerce site and also for the payment provider. In the past few years, there have been various changes with major payment service providers, SSL security and even shopping carts.

One most significant change that I have noticed is that of the PayPal update and changes in their web design and even in their Payment Standard products. This has in fact affected the PayPal extensions that are pre-installed with the Magento framework.

Here in this blog, I would like to draw your attention to the security update that PayPal has rolled out recently and what you should know to make sure that your Magento store is ready for it.

Though the update has already been announced in 2015, but it is still seen that many merchants still have not yet paid much attention to it. If in case you are the owner of a Magento website, then it is very important to make your site compatible with the updates or your Magento PayPal integration might break.

Some Points to Consider While Checking the Compatibility

You can do this in a very clear and straightforward manner. All you have to do is to check your environment so that it is ready for the upcoming changes. For this, run a test transaction using the PayPal Sandbox environment and check the performance. In case everything is fine, it means that the site is compatible, but if not, then there are certain changes that have to be done.

TLS 1.2 Upgrade:  This is something that can cause major issues for the users of Magento. When it communicates with the PayPal checkout process, then it sends messages by using a standard Linux library which is called cURL. Since RedHat is the standard distribution in hosting companies, many Magento sites are hosted in it.

The version of cURL that comes with RedHat is too old and does not support the TLS 1.2, so with the changes in PayPal, every site that runs with RedHat 6 or lower may not be able to communicate successfully. It is important to verify that your environment supports the TLS1.2.

SSL Certificate Upgrade:  PayPal is upgrading the SSL certificates that are used to secure the websites and API endpoints. The new certificates will be signed by using the VeriSign’s 2048 bit G5 Root Certificate and the SHA 256 algorithm. It is important for the Magento website owners to ensure that their environment supports the algorithm and discontinue the SSL connections that use VeriSign G2 Root Certificate.