DIBS has recently issued an update about the Poodle vulnerability in the SSL protocol. Is the UCommerce DIBS Payment method using server-to-server communication as described below? If so, is there an upgrade who fixes this available?
"Who are affected by this?
Your shop might be affected if you are using the DIBS
server-to-server API and still using https protocol SSL 3.0. If you are not
using our API services, you should not be affected by this.
If your shop is using our API services and is still using https
protocol SSL 3.0 we recommend you to investigate your system and plan for an
upgrade to a newer version of the protocol.
If you are unaware of what version of the https protocol you are
using please contact your e-commerce partner or your technical department.
What version of the protocol should we change
to?
We advise you to configure your web shop so that it will support the newer
version of the https protocol called TLS."
Thanks for linking to this. uCommerce uses https to communicate with DIBS, but they handle the card details so i think we're good. Also configuring what version of https the application uses, is something for the administrators of the server. We just link to the https sites handeling the actual payment.
DIBS Payment Method - Poodle Vulnerability
DIBS has recently issued an update about the Poodle vulnerability in the SSL protocol. Is the UCommerce DIBS Payment method using server-to-server communication as described below? If so, is there an upgrade who fixes this available?
"Who are affected by this?
Your shop might be affected if you are using the DIBS server-to-server API and still using https protocol SSL 3.0. If you are not using our API services, you should not be affected by this.
If your shop is using our API services and is still using https protocol SSL 3.0 we recommend you to investigate your system and plan for an upgrade to a newer version of the protocol.
If you are unaware of what version of the https protocol you are using please contact your e-commerce partner or your technical department.
What version of the protocol should we change to?
We advise you to configure your web shop so that it will support the newer version of the https protocol called TLS."
Thanks for linking to this. uCommerce uses https to communicate with DIBS, but they handle the card details so i think we're good. Also configuring what version of https the application uses, is something for the administrators of the server. We just link to the https sites handeling the actual payment.
is working on a reply...