|
Sarah Schoeller
|
April 19, 2015 at 10:39 pm
I’ve received notification from ANZ as per below. Will this effect our EE and do our certificates need to be updated? Thanks
MasterCard Internet Gateway Service (MiGS) recently advised ANZ that new Entrust Certificates will be activated on the MIGS payment gateway on 28 April 2015.
Post this change, if your Certificates are not up to date, an error message will appear when trying to connect to ANZ eGateTM. These Certificates ensure secure transactions with the ANZ eGateTM payment gateway and your business website.
What this means to you.
You need to check if your business supports the upgraded Entrust Certificates. If it does not, you will need to install the new Entrust Certificates.
Please note that if you are required to update your Certificates and do not, cardholders may not be able to process transactions via your website.
What you need to do.
1. Contact your web developer or technical staff and refer them to this letter
to determine if your web browser, website integration, Application
Programming Interface (API) and/or system(s) will be affected.
2. If your systems check the Entrust Certificate or Certifying Authority, you will
need to install the new Certificates prior to 28 April 2015.
To install the Certificates, go to:
http://www.anz.com/australia/business/merchant/downloaddevkit.asp and follow
the instructions.
If your systems do not check the Entrust Certificates, no change is required and you can continue to do business.
|
|
Dean
|
April 21, 2015 at 7:54 am
Hi,
ANZ is an “offsite” gateway, meaning that the payments are made on ANZ website’s secure server. Updating your SSL certificate should not be a requirement (though having one and having it up to date may help with customer’s feeling of safety etc). If the payments were made directly on your site then yes you would need to make sure your certificates were correct and up to date.
|
|
Sarah Schoeller
|
April 21, 2015 at 5:27 pm
Thanks Dean
PayPal have notified of the below too, so I’m guessing the same applies?
PayPal service upgrades for merchants.
We continue to make significant investments and improvements to our infrastructure to help you grow your business. These improvements sometimes require us to perform service upgrades.
What’s happening?
Over the course of 2015 and 2016, we’ll be upgrading various SSL certificates, including:
The version of the VeriSign Trusted Root Certificate used to establish secure connections to PayPal.
The signing algorithm of certificates (from SHA-1 to SHA-256).
Why is this happening?
We’re taking measures to address industry-wide security concerns. When implemented, these measures can help us improve the security and reliability of our PayPal integrations and help guard against current and future security threats.
When is this happening?
We’ll begin upgrading SSL certificates for our production endpoints in May 2015. We’ve published the schedule of our service upgrade plan on our 2015-2016 SSL Certificate Change microsite. Please check this site from time to time for the most recent updates as published schedules may change.
The Sandbox environment is ready for testing now. Testing in the Sandbox environment is one of the best ways to make sure your integration works.
What do I need to do?
To find out what you must do to help future-proof your integration, please refer to the Merchant Security System Upgrade Guide on the microsite. This guide also contains important details of these upgrades and information about how they may impact your integration.
If you’re impacted by these upgrades, you may need to implement these changes prior to the dates listed on the microsite. If you don’t, you may not be able to process payments through your current integration with PayPal. If you’re integrated with a third party, please check with them for any additional steps you may need to take.
|
|
Dean
|
April 22, 2015 at 2:02 am
Hi,
With PayPal, you’ll need to contact your host and make sure your host’s server has been upgraded to the specifications listed here:
https://devblog.paypal.com/upcoming-security-changes-notice/
|
|
Sarah Schoeller
|
April 27, 2015 at 1:33 pm
Thanks Dean
|
|
Jonathan Wilson
|
April 27, 2015 at 3:16 pm
Since this topic is resolved, I am going to close it. If you have anymore questions or issues, please start a new topic and we will be happy to help there. 🙂
|
