The information that follows is of a highly technical nature and should be reviewed by one of the following:
- Your web hosting company
- Your e-commerce software provider
- Your in-house web programmer/system administrator
Who is Affected by this?
Any merchant processing credit card payments on PayPal's older payment gateways / API's
Merchants and partners use HTTPS to securely connect with PayPal’s servers for processing credit cards with Payflow. They use the Transport Layer Security (TLS) protocol to encrypt these communications. To ensure the security of our systems and adhere to industry best practices, PayPal is updating its services to require TLS 1.2 for all HTTPS connections. At this time, PayPal will also require HTTP/1.1 for all connections.
Systems Affected
ERP / Business Systems: Everest Software and Sage Software
eCommerce Systems: OSCommerce
Other Platforms: CRM Systems, Membership Platforms, Recurring Billing Systems

What does PayPal recommend?
PayPal and other gateways make the assumption that organizations have software from vendors that are still in business, that the software is being maintained and current or they have access to the source code of the software so that developers can make updates for TLS1.2. Unfortunately, that is not a real-world scenario for thousands of merchants that need an alternative path forward. Below is the diagram of what PayPal would normally recommend organizations do.

How does the Payflow Payments Solution work?
Realizing that many organizations do not have access to the software source code or have challenges making the updates within it, the Payflow Payments Solution by MARTEC360 works in the background and handles the necessary TLS1.2 cryptography communication.
