In one of our webshop we use Nopcommerce's Payments.PayPalDirect* module for collecting credit card payments.
My question concerns the following:
PayPal cranks up its security from 30th June as described here:
https://www.paypal-knowledge.com/infocenter/index?page=content&id=FAQ1913&expand=true&locale=en_US
Could you guys please look at these and check if we need any change in the code. (e.g. moving to TLS 1.2 is just a OS setting if I got it right, but what about the others)
*PayPalDirect is not the well-known way of paying with PayPal (when the user gets forwarded to the PayPal payment website), but it allows our customers to enter their card data not leaving our shop. Although the shop does not store card data, it is not easy to qualify for this, it needs Pro account at PayPal and most importantly a PCI DSS compliance with regular testings, etc.
Why we need this? Many of our customers cannot pay simply with their credit cards on the regular Paypal Standard site, they are forced to have a PayPal account or asked to open a new one)
