An SSLv3 vulnerability nick named POODLE (Padding Oracle On Downgraded Legacy Encryption) was revealed by Google researchers (http://www.extremetech.com/computing/192063-google-finds-critical-vulnerability-in-ssl-3-0-called-poodle). SSLv3 is a communication encryption protocol mainly used by older browser versions or server-to-server communication towards North Payments Gateway.

For PSPs and merchants it means that payment transactions submitted via SSLv3 could be intercepted and decrypted which causes a potential security threat to shopper data. Although this is an old protocol that has been replaced in many client and server configurations with TLS (Transport Layer Security), many browser clients and web servers that use TLS for connections still support SSLv3. Some products and older browsers, including Internet Explorer 6 for Windows XP, only use SSLv3.

As there are no remedies for this vulnerability, North Payments Gateway will no longer support SSLv3 for data security reasons.

Should there be any questions or concerns, please kindly contact our support team: support@northpayments.co.uk.

Posted in Latest News.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>