Your Solution Partner for the PayFlow TLS 1.2 Security Update

The PCI Security Standards Council is requiring all payment gateways to use the latest SSL standards by June 2018. PayPal and Payflow Pro are part of this upgrade and will be requiring all external connections to use the latest security ciphers. Transport Layer Security version 1.2 (TLS 1.2) and Hypertext Transfer Protocol version 1.1 (HTTP/1.1) will become mandatory for communication with PayPal after June 30th, 2018. Organizations that have not upgraded will not be able to process credit cards.

The information that follows is of a highly technical nature and should be reviewed by one of the following:

  • Your web hosting company
  • Your e-commerce software provider
  • Your in-house web programmer/system administrator

Who is Affected by this?

Any merchant processing credit card payments on PayPal's older payment gateways / API's

Merchants and partners use HTTPS to securely connect with PayPal’s servers for processing credit cards with Payflow. They use the Transport Layer Security (TLS) protocol to encrypt these communications. To ensure the security of our systems and adhere to industry best practices, PayPal is updating its services to require TLS 1.2 for all HTTPS connections. At this time, PayPal will also require HTTP/1.1 for all connections.

Systems Affected

ERP / Business Systems: Everest Software and Sage Software

eCommerce Systems: OSCommerce

Other Platforms: CRM Systems, Membership Platforms, Recurring Billing Systems


What does PayPal recommend?

PayPal and other gateways make the assumption that organizations have software from vendors that are still in business, that the software is being maintained and current or they have access to the source code of the software so that developers can make updates for TLS1.2. Unfortunately, that is not a real-world scenario for thousands of merchants that need an alternative path forward. Below is the diagram of what PayPal would normally recommend organizations do.


How does the Payflow Payments Solution work?

Realizing that many organizations do not have access to the software source code or have challenges making the updates within it, the Payflow Payments Solution by MARTEC360 works in the background and handles the necessary TLS1.2 cryptography communication.


What Customers are Saying