Visa’s April 2020 Aquirer Advisory report outlines steps Magento 1 merchants need to take in order to keep their online stores PCI compliant, as Magento 1’s “End of Support” (colloquially known as ‘M1 End of Life‘) approaches this June. Visa advises acquirers to encourage merchants on Magento 1 to migrate to a Magento 2.3 or another PCI compliant eCommerce platform. Moreover, the announcement clarifies the dangers for businesses and their customers if payment card data exposed, and includes a roadmap for businesses to seek compliance.
Visa is committed to enhancing both the security and quality of payment services available in both Card-Present and Card-Not-Present environments. This fact sheet provides useful information related to the upcoming end of life for all Magento 1 websites. Merchants must be cognizant of their responsibilities in securing their environment to help prevent the loss of payment card data. Acquirers should use this information to take risk-based decisions and encourage their merchants to migrate to a supported version or alternate platform to remain PCI compliant. Merchants who suspect or confirm a compromise involving payments data must adhere to the requirements outlined in Visa’s What To Do If Compromised guide.”
Redstage’s CEO Adam Morris has this to say, “We continue to hear from our payment partners that they are planning necessary actions to prevent breaches from out of date Magento 1 sites. This is the first public statement that we have seen –and we expect more to come in the next few months– zeroing in on the consequences of non-compliance. The risk of not being able to accept payments has to be factored into any decision to stay on Magento 1 at this point.”
About Magento 1 End of Life
We’ve been raising awareness about the dangers of Magento 1 End of Life since early 2019. To help merchants migrate fast, we’ve developed several accelerated migration solutions to help B2B and B2C companies make the switch as fast as possible. Merchants can also receieve free assistance as part of the Offline2On initiative, or receive funding from PayPal’s Magento migration loan builder program.