Sponsored Link
Email This Post Email This Post

PayPal POODLE Fix Could Disrupt Merchant Payments

PayPal warned merchants that its fix for a new security vulnerability may cause problems for shoppers trying to Pay for items on their websites.

PayPal’s Chief Technology Officer James Barrese took to the company’s blog to address a new vulnerability called POODLE. “The vulnerability impacts a protocol called SSL 3.0, which was designed to ensure secure connections when surfing on the Internet. When exploited, this vulnerability enables a cyber criminal to gain access to connections considered secure via this widespread (but 15-year-old) security protocol.”

As a result, PayPal will disable SSL 3.0 support in the coming days, “as soon as we reasonably can.”

That action could cause compatibility problems for a “few” PayPal customers, he warned, “resulting in the inability to pay with PayPal on some merchant sites or other processing issues that we are still identifying.”

Barrese said PayPal had no evidence that any of its customers had been compromised by the vulnerability. “We pledge to stay transparent and let you know if we discover anything else,” he said, and said the company would keep customers and merchants up to date through the PayPal Forward blog, Twitter, and Merchant Services team.

He referred customers to a Google blog post to learn more about POODLE.

Ina Steiner on EmailIna Steiner on LinkedinIna Steiner on Twitter
Ina Steiner
Ina Steiner
Ina Steiner is co-founder and Editor of EcommerceBytes and has been reporting on ecommerce since 1999. She's a widely cited authority on marketplace selling and is author of "Turn eBay Data Into Dollars" (McGraw-Hill 2006). Her blog was featured in the book, "Blogging Heroes" (Wiley 2008). She is a member of the Online News Association (Sep 2005 - present) and Investigative Reporters and Editors (Mar 2006 - present). Follow her on Twitter at @ecommercebytes and send news tips to ina@ecommercebytes.com. See disclosure at EcommerceBytes.com/disclosure/.