PayPal is officially shutting down support for Secure Socket Layer version 3 in December, the company revealed today. The announcement is a follow up to security measures PayPal took last month after the emergence of a security flaw called POODLE.
In a blog post, PayPal CTO James Barrese wrote:
“We are now able to share that PayPal will be disabling support for SSL v3 on December 3, 2014. Any merchant customer whose integration with PayPal uses SSL v3 will need to update their integration before this date to avoid an interruption in their ability to accept payments with PayPal.”
POODLE exploits a vulnerability in SSL 3.0. In October the company warned that as it dismantled support for the Internet security protocol, merchants may have difficulty processing transactions and encouraged them to upgrade to Transport Layer Security.
POODLE comes at a bad time for PayPal’s merchants, who are dependent on the service to process transactions during the busy holiday season. A discontinuation of service could seriously affect sales for those who don’t upgrade in time. PayPal will be extending SSL 3.0 for a few more weeks to help merchants transition during this stressful time.