PayPal is recommending that some businesses upgrade their Payflow Gateway integrations to eliminate the risk of vulnerability associated with the widespread Heartbleed bug.
The Payflow Gateway allows online merchants to directly link their websites to a credit card processing network or merchant account to streamline the payment process.
"We have already been in touch with the merchants who could potentially be affected and are working with them to upgrade their integrations," PayPal CTO James Barrese says in a
PayPal was checking its technology in response to the Heartbleed bug, a security vulnerability in a version of OpenSSL, a cryptographic software library used to keep Internet communications private.
PayPal, a unit of eBay, says financial details in its 143 million active registered accounts were not exposed to the OpenSSL vulnerability. Therefore, consumers don't need to change their passwords, it says.
"PayPal does not share account details with businesses when our customers make a transaction," Barrese says in the blog post. "It is a fundamental way that PayPal helps to keep our customers safer and more secure."
