Magento 1 is coming to its end of life in June, and whilst some companies have made the decision to stay on the unsupported platform, they may not realise that by making this choice they will no longer be PCI compliant. Here is a blog that can explain in detail what it may mean for you, but we have outlined below the reasons why Magento 1 end of life could have serious impacts on your business.
- If a website is dealing with credit card data, then the business has a duty to keep software up to date so that it isn’t open to attack.
- A merchant has an obligation to review hardware and technologies annually (at least!) to check whether or not they meet the Payment Card Industry Council requirements.
- If technologies are no longer supported by the vendor, then the website is in breach of the PCI Council requirements.
This could spell disaster for some companies, as they risk having their credit card processing suspended, facing fines, and taking on a vast amount of admin trying to convince the Payment Card Industry Council that they are still compliant.
The council also insists that any companies that approve credit card charging check businesses’ compliance, and if they don’t comply then they will also face fines or suspension. These rules and regulations are in place so that fraud can be better managed and reduced, keeping customers safer.
The worst-case scenario would be a website that is not on supported software succumbing to hackers and having credit card details taken. This would be a major breach for a non-compliant site. The business would be seen as negligent by the company that approves the credit card charging and would potentially need to be assessed. This could cost thousands.
The reality is that the companies that approve credit card charging will want businesses to prove that they are able to handle payment details and keep them safe from any fraud. Additionally, there could be a monthly fine involved if companies continue to use unsupported software.
There are certain actions that can be taken to try to become more compliant, such as added web security, added scanning, added monitoring and added planning. But ultimately businesses are in the hands of the person managing their case.
Really, if eCommerce websites are still being run on a Magento 1 platform, then they are putting their company and business at risk, and it could end up becoming costly.
If you are interested in further advice then please don’t hesitate to get in touch with us today.