PayPal will stop working on 30th June if you don’t upgrade to TLS

By Chris Dawson June 18, 2018 - 11:45 am

PayPal will stop working on 30th of June and merchants will be unable to accept payments if they’ve not updated their websites to the latest standards which includes an upgrade to TLS.

The deadline for merchants to upgrade to Transport Layer Security (TLS) 1.2 June 30, 2018 and PayPal are requiring all merchants to upgrade their security protocols to TLS 1.2, in line with the requirements set by the Payment Card Industry (PCI) Council. The TLS protocol is used to encrypt communications between your platform and PayPal’s servers.

What do you need to do to upgrade to TLS?

Merchants should verify whether their website supports TLS 1.2 and, if necessary, make appropriate updates.

If you have a hosted service

Contact your provider to ensure they support TLS 1.2 and HTTP/1.1

Does your system already support TLS 1.2 and HTTP/1.1?

If the answer is yes then you’re all set. If not, then you need to upgrade to TLS 1.2 and HTTP/1.1 before the 30th of June.

Have you hard coded an earlier version of TLS or HTTP?

Update your code to always use the latest version of TLS and HTTP supported by PayPal endpoints.

More information about the required changes, the impact of the changes, and how to implement them can be found on PayPal’s Merchant Security Microsite.

  • Mark.T
    1 year ago

    What remains unclear from the email we got is whether the PayPal is saying…

    “You specifically are not secure”
    .. or…
    “We are writing to everyone to tell you to check if you are secure”

    Furthermore, is the whole account frozen or only those transactions through a non compliant site?

    Our current business uses PayPal invoicing but that is not linked to a website. However, in the past, I have created small test sites to try out PayPal payment buttons.

    I wonder where I put them…?

    • Darren
      1 year ago

      I’m guessing this is to do with the Express Checkout integration. Users are redirected to a PayPal screen when paying but when that has been completed PayPal make a connection to your web site to confirm the payment status to complete checkout. If this connection does not happen over a TLS https connection then the checkout procedure will fail.

  • Mark.T
    1 year ago

    This was my best guess as well.

    Still not clear whether the trigger is the existence of a poor connection or the use of that connect and whether it freezes the whole account or just transactions through that particular connection.

    This is academic for us, it is just the lack of specificity from PayPal that seems odd.

  • 1 year ago

    Why have I not been contacted by paypal?

  • E. Tolliver
    1 year ago

    Is this a PSA announcement for retail users, or do I need to upgrade as well as merchants?

Featured in this article from the Tamebay Guide – companies that can help you grow and manage your business.


PayPal Working Capital is a merchant cash advance linked directly to your PayPal account.

See More Companies >

Recent Comments

3 hours ago
ifellow: Problem is hard to find products that aren't dominated by VAT fraudsters based in China....
4 hours ago
Jan strassen: Thanks Crackerjack, we do have courier rules that you can use to automatically pick...
18 hours ago
crackerjackcommerce: I have seen with my own eyes a vast number of people who use ebay,...
18 hours ago
crackerjackcommerce: That is so impressive. Being able to constantly adapt and scale is very entrepreneurial and...