| Blockbuster sites, amazing reunions

Share Tips

New Topic Reply Subscription Options  

PayPal and

Forums: General Discussion
Created on: 06/16/16 02:30 PM Views: 753 Replies: 2
Thursday, June 16, 2016 at 2:30 PM

I have received the following from PayPal. Should I be concerned with this as PayPal is hosting my transactions.


To avoid service interruptions, please ensure that your systems are SHA-256 compatible by 17 June 2016.

Rick Johnson,

At PayPal, security and safety are our top priorities and, as a result, we’re implementing a series of security upgrades throughout 2016 and 2017. To comply with industry standards, we need to move our endpoints to stronger encryption known as SHA-256 by 30 September 2016.

In preparation for our transition to SHA-256, we'll be undertaking critical testing between 17 June and 29 September 2016. During this period, if your systems aren’t SHA-256 compatible, your business’ ability to accept payments with PayPal may be temporarily impacted. We strongly recommend that your systems are compatible with SHA-256 by 17 June to ensure that your business isn’t interrupted. If your systems aren’t SHA-256 compatible by the full cutover on 30 September, your business will be unable to accept payments with PayPal until changes are made. For more details about our transition to SHA-256, please go to 2016-2017 Merchant Security Roadmap Microsite.

At PayPal, we’re committed to delivering the highest level of security available for our customers. Compatibility with SHA-256 will help strengthen your protection and ensure that your business systems are up to date with the latest security measures. Thank you for your continued support and for helping us maintain these standards for all our customers.

Further information

What is the purpose of the testing?

The purpose of this testing is to help us identify, with certainty, those customers who will be impacted by the full cutover to SHA-256. As part of our commitment to our customers, we'll immediately notify impacted customers so that we can better prepare them for the full cutover on 30 September.

How do I ensure that my business won't be impacted by the testing?

If your systems aren’t currently SHA-256 compatible, the details about the required changes and how to action them can be found on our 2016-2017 Merchant Security Roadmap Microsite.

If you're not sure whether your systems are SHA-256 compatible, we recommend that you speak with your web hosting company, e-commerce software provider, in-house web programmer or system administrator. They can assist you in making the required changes before the testing.

When will testing occur?

For a complete list of testing dates and times, please visit our SSL Certificate Upgrade Testing Schedule.

Was this email helpful? Please click here to let us know how we're doing at keeping you informed.

Edited 06/16/16 2:31 PM
Thursday, June 16, 2016 at 3:22 PM - Response #1

Paypal sent this to API developers months ago and all changes are already in place. Since your account connects via our API you are all set.

Class Creator Support

Friday, June 17, 2016 at 9:34 AM - Response #2

Good news. I, too, had received the email from them and wondered what it would mean. Thanks.

New Topic Reply  
Subscription Options: Have all new forum posts sent directly to your email.
Subscription options are available after you log in.