Maintaining a safe and secure website – including the ability to ensure secure transactions – is central to successful association management. With new headlines about fraud and identity theft popping up every day, it is reassuring to see that popular payment gateways are implementing credit card processing changes to increase security. Similarly, as credit card companies adjust to continued growth in the payment industry, they are doing so with processes that ensure the best safety and security measures are in place.
These changes are necessary, as they address both a growing industry and a growing demand for increased security. At the same time, they also impact day-to-day operations at many associations, and preparing for these changes is essential.
PayPal Changes In Effect July 1
PayPal is strengthening security by changing the way it integrates with customer accounts, implementing new processes beginning July 1, 2017. To put it simply, the current system for providing privacy and ensuring the integrity of data is TLS 1.0 or TLS 1.1, and Payflow, the PayPal payment gateway, is upgrading to TLS 1.2 after June 30.
As soon as that upgrade takes place, TLS versions 1.0 and 1.1 won’t work. Accordingly, if you are using PayPal, you need to make the necessary changes to your payment protocol to ensure it supports these new requirements. Payflow is offering a test environment where, once you have adjusted your configuration, you can test it prior to the July 1 deadline. I highly recommend taking advantage of this. Our Help Desk is happy to help if you want support.
Again, it is very important to note: as of July 1, 2017 any organization that has not made the appropriate changes will not be allowed to process credit cards through PayPal.
Credit Card Validation Updates
Another important change with the potential to impact your internal protocols relates to Bank Identification Numbers (BINs) and credit card validation. BINs are used to identify who issued the credit card and are thus essential to routing and completing transactions. While it’s hard to believe, the supply of unused BINs is almost exhausted. As a result, starting in early 2017, MasterCard has begun issuing card numbers that begin with 2. Until now, all MasterCard numbers began with 5, Visa cards with 4, Amex with 3, and Discover with 6.
These 2-series numbers work the same way as the 5-series, but any customer who uses the first digit of the card to check validity will need to update that protocol to accommodate cards beginning with a 2. MasterCard has made all needed changes to their systems, and with timing similar to the PayPal changes, MasterCard will begin merchant field testing of the 2-series systems on June 30, 2017.
Your website’s ability to be a source of fast, easy and secure transactions is vital to your overall operations. Staying on top of ever-changing payment tools and techniques is essential to the health of your site. We are always here to support change as it comes along to ensure you have all the tools you need.