To prepare for the Payment Card Industry (PCI) mandated security upgrade deadline of June 2018, PayPal plans a series of tests to verify that our API endpoints meet the latest security standards. If you have already upgraded your integration to the highest security protocols, you should not experience impacts from our testing. However, if you have not upgraded your PayPal integrations to comply with these standards, service interruptions will occur during our testing windows. To avoid service impacts, it is VITAL that you upgrade your systems, as outlined in this site, before the June 2018 deadline.
PayPal completed Round 1 of testing in April 2018. Round 2 is beginning in May 2018. If you are impacted during these testing windows, you must upgrade your system integrations IMMEDIATELY to avoid interruptions when we permanently upgrade in June 2018, to meet the PCI-mandated standards.
Round 2 of our Merchant Security Upgrade Testing
Starting in May 2018, PayPal is performing weekly smoke tests in preparation for the final upgrade to TLS 1.2. These tests will last one hour per endpoint, and will increase in duration as we near the June 2018 deadline. If your integration is not TLS 1.2 compatible during this testing window, your connections will fail. Please contact your technical staff or consult a technical consultant to facilitate the necessary changes prior to our final, permanent upgrade starting in June 2018.
For upgrade details, see the TLS 1.2 and HTTP/1.1 Upgrade microsite.
When can I test my integration?
Now. The PayPal Sandbox testing environment has been fully updated and can be used to verify that your integration is ready. Review the individual topic pages on the site for more details about how to test your systems and verify their readiness.
How do I know my integration is secure?
If you have not upgraded your PayPal integrations to comply with these standards, service interruptions will occur during our testing windows. To avoid service impacts, it is VITAL that you upgrade your systems, as outlined in this site, before the June 2018 deadline. Please review the Merchant Security Roadmap as well as our Security Guidelines and Best Practices to ensure your integration is as secure as possible.