Copied to clipboard

Flag this post as spam?

This post will be reported to the moderators as potential spam to be looked at


These support forums are now closed for new topics and comments.
Please head on over to http://eureka.ucommerce.net/ for support.

  • Jørgen Bakke Eriksen 44 posts 95 karma points
    Oct 30, 2014 @ 10:27
    Jørgen Bakke Eriksen
    0

    DIBS Payment Method - Poodle Vulnerability

    DIBS has recently issued an update about the Poodle vulnerability in the SSL protocol. Is the UCommerce DIBS Payment method using server-to-server communication as described below? If so, is there an upgrade who fixes this available?

     

    "Who are affected by this?

    Your shop might be affected if you are using the DIBS server-to-server API and still using https protocol SSL 3.0. If you are not using our API services, you should not be affected by this.

     

    If your shop is using our API services and is still using https protocol SSL 3.0 we recommend you to investigate your system and plan for an upgrade to a newer version of the protocol.

     

    If you are unaware of what version of the https protocol you are using please contact your e-commerce partner or your technical department.

     

    What version of the protocol should we change to?

    We advise you to configure your web shop so that it will support the newer version of the https protocol called TLS."

  • Morten Skjoldager 440 posts 1499 karma points
    Oct 31, 2014 @ 10:11
    Morten Skjoldager
    0

    Thanks for linking to this. uCommerce uses https to communicate with DIBS, but they handle the card details so i think we're good. Also configuring what version of https the application uses, is something for the administrators of the server. We just link to the https sites handeling the actual payment. 

Please Sign in or register to post replies

Write your reply to:

Draft