Given the challenging and difficult times of the past 6 months, you’d be forgiven for not taking any action on Magento’s June deadline where it officially ended it’s support for Magento 1.
While you may not have noticed any visible changes to your website, if you did not upgrade it the most important piece of software in your business has been left unsupported since the 30th June 2020. This means you will not have received quality fixes, upgrades or security patches from this date.
What does this mean for you?
If you missed the deadline, your Magento 1 site will inevitably fail security scans and therefore fail PCI DSS compliance requirements. Major payment processors which you may be using on your site (such as Paypal) have already stated they will look to withdraw their services for non-supported sites.
While this sounds a rather stark and abrupt statement, if you are still operating a Magento 1 site you seriously need to consider the security issues the withdrawal of support may present.
What are the consequences of not migrating?
Since the official cut-off date for support for Magento 1 in June 2020, running the web and software applications after this date creates a number of risks for your website and your business. These include…
- Higher risk of data breaches, with potential damage to your business and reputation.
- Increased exposure to security risks on your ecommerce site due to the lack of security upgrades.
- The functionality of extensions or plug-ins may be compromised or become unavailable.
- Over time, you may find that Magento developers will only be familiar with Magento 2, meaning you may struggle to find professional support or advice for your site.
- Without any upgrade or security patches, your ecommerce site may degrade and become unstable.
- You will fall out of compliance with PCI DSS (Payment Card Industry Data Security Standards). PayPal states: “These global standards are set by card entities and apply to all merchants that process payments. Requirement 6 of the PCI DSS requires merchants to “develop and maintain secure systems and applications by installing applicable vendor-supplied security patches.” Without future security patches, Magento 1 merchants will no longer be able to meet this requirement, which could result in costly and time-consuming remediation.”
- “This is not a PayPal-specific requirement. PCI DSS requirements apply to your integrations with card payment brands, such as Visa, MasterCard, American Express, Discover, JCB, and any other payment processor on the Magento 1 platform. Visa has stressed that urgent action is required for merchants to migrate from Magento 1 and advised merchants to be aware of their responsibilities in securing their environment to help prevent the loss of payment card data.”
If you have not yet upgraded your Magento 1 site, we would urge you to do so as soon as possible. Don’t forget that Magento Cheshire is here to help and support you, and make your Magento 1 site upgrade as easy and painless as possible. Don’t put your business at risk. Get in touch with our friendly team for further advice…