In Google’s efforts to make the internet more secure, they are favouring websites that have an SSL certificate installed, and are clearly highlighting to Chrome users when a website is ‘insecure’ (or doesn’t have an SSL certificate installed).
Now PayPal are following suit.
From June 2017 PayPal are stopping use of TLS 1.0 and 1.1 and requiring all their users to have the more secure version – TLS 1.2. Transport Layer Security (TLS), (also commonly referred to as SSL), is a layer of security that encrypts the data going between a user’s browser and the server. This makes the data useless if a hacker gets hold of it.
This change from PayPal means from June 2017, any website that uses PayPal must support TLS 1.2. If it doesn’t, customers will no longer be able to access the PayPal payment facility on the site.
This change will also affect customers who are viewing websites using older browsers, such as Internet Explorer 10, Android 4.0 and earlier, as these browsers do not support TLS 1.2. Customers using these browsers will not be able to access the PayPal payment system.
I have the PayPal payment system on my website – what should I do next?
- Check your current server supports TLS 1.2. If it doesn’t, find out what the upgrade plans are. If there are no plans in place, you may need to consider moving providers.
- Check your Google analytics reports to see if your customers are using browsers that do not support TLS 1.2. Obviously, you cannot change this but you can warn them that PayPal will not work and offer other methods of payment, if you have them. We can add a warning message to your website if you wish.
- Keep an eye out for abandoned shopping carts and see if there is an increase after the change has come into force. Your Analytics reports should tell you this.