Email This Post Email This Post

PayPal POODLE Fix Could Disrupt Merchant Payments

PayPal warned merchants that its fix for a new security vulnerability may cause problems for shoppers trying to Pay for items on their websites.

PayPal’s Chief Technology Officer James Barrese took to the company’s blog to address a new vulnerability called POODLE. “The vulnerability impacts a protocol called SSL 3.0, which was designed to ensure secure connections when surfing on the Internet. When exploited, this vulnerability enables a cyber criminal to gain access to connections considered secure via this widespread (but 15-year-old) security protocol.”

As a result, PayPal will disable SSL 3.0 support in the coming days, “as soon as we reasonably can.”

Sponsored Link

That action could cause compatibility problems for a “few” PayPal customers, he warned, “resulting in the inability to pay with PayPal on some merchant sites or other processing issues that we are still identifying.”

Barrese said PayPal had no evidence that any of its customers had been compromised by the vulnerability. “We pledge to stay transparent and let you know if we discover anything else,” he said, and said the company would keep customers and merchants up to date through the PayPal Forward blog, Twitter, and Merchant Services team.

He referred customers to a Google blog post to learn more about POODLE.

Ina Steiner on EmailIna Steiner on LinkedinIna Steiner on Twitter
Ina Steiner

Ina Steiner is co-founder and Editor of EcommerceBytes and has been reporting on ecommerce since 1999. Send news tips to ina@ecommercebytes.com.


Leave a Reply