Magento 1 - the final weeks

05/12/2020 New

After 10 years of widespread service to thousands of merchants, Magento will terminate support for Magento 1 on June 30, 2020. This means that no security patches will be made available. This shouldn’t be taken lightly as the platform will be increasingly at risk to fraud or data breaches or other vulnerabilities from this date.

Action is required and either merchants need to switch to Magento 2 or even another platform, or stay on Magento 1 but add protection.

To add protection, MultiSafepay has partnered with Mage One. Together we will provide ongoing support and the vital security updates for Magento 1 in order to protect your and our business.

 

Payments

MultiSafepay is trusted by many thousands of merchants to process their payments safely. MultiSafepay is constantly securing and protecting our payment infrastructure to outside threats. As proud acquirer and processor for Bancontact, Visa and Mastercard, MultiSafepay also holds the highest PCI DSS certification of security.
Part of these accolades and certifications is to support only secure environments, and MultiSafepay can only protect its infrastructure, the payments and consumers processing of its platform only when merchants are also secure.
Consequently, this requires changes for merchants still on Magento 1. Especially when handling credit card or PayPal payments.

Update: These payment methods require PCI DSS level certification and point out that after the EOL date Magento 1 will not receive any vendor-supplied security patches and thus are in breach of the requirements. 
Currently it appears that PayPal will discontinue support for Magento 1 altogether after the EOL date, regardless of any steps taken by merchants and their partners. 
Link to PayPal communication.

Update 2: With the End of Life date rapidly approaching the consequences for many merchants are becoming clearer. Without the correct certification or actions taken business processes and operations might be in jeopardy. If you have any questions please reach out directly to your account manager. 

Update 3: Magento 1 is now End of Life. If you are still processing with Magento 1 please reach out to us in need of support directly.

 

Switching

Many merchants have already taken the decision to move towards Magento 2, but this is not simply a version upgrade. Upgrading to Magento 2 is costly, time consuming and requires operational changes. For many, the costs are simply too high.

Many other merchants have taken another route by switching to a completely different platform. But this also requires large investments to support the change in many areas of their organisation and in their partners.

Still, many remain on Magento 1, who are uncertain on the next steps for their business, large or small. The choice is difficult as costs are high, risks uncertain and the timeframe limited.

Mage One

MultiSafepay acknowledges that there are many merchants still on Magento 1 but stresses that it cannot support it without adequate support. In order to do so MultiSafepay partnered with the Mage One organisation. Founded by Rico Neitzel & Carmen Bremen from the Magento Community Mage One sets out to provide vital security and quality updates for the coming years.

To effectively support Magento 1 Mage One offers:

  • Quick Protection System; an automated system that will prevent known attacks prior to patch release.
  • Sustainable Bug bounty program; actively promote security testing by enlisting the larger community.
  • Server level security; provide security measures on PHP level, surpassing common practices by looking at the entire system rather than only the platform.

With this approach and together with the Mage One organisation, we believe to safely be able to continue supporting Magento 1 businesses.

The next steps

If you want to continue with Magento 1 you will need to follow the following steps:

  1. Subscribe to our dedicated newsletter
  2. Subscribe to Mage One via this link
  3. Install the MultiSafepay Mage One compatible plugin once available

We will keep updating you via the newsletter.

Please note that aside from our commitment with Mage One in supporting Magento 1 in the future, the platform will at a point cease to be relevant or be able to process (certain) payment methods. We recommend that merchants carefully consider the options they have with continuing their business operations on Magento 1 and Mage One, moving to Magento 2 or even a different platform. MultiSafepay and its partners will support the merchants with all of these options and considerations.

Questions

 

Will MultiSafepay indefinitely support Mage One or Magento 1?

No, MultiSafepay by partnering with Mage One is committed to support Magento 1 as long as it deems secure and is able to process payments through it. 

Are there costs involved?

Yes, there is a subscription required with Mage One in order to receive the required security updates.

Which versions of Magento 1 are supported?

At this point Mage One only supports Community editions from version 1.9.4.5.

Is MultiSafepay sure that with Mage One I can continue processing creditcards and PayPal?

No, nothing is sure at this point aside from the EOL of Magento 1.

What are other PSP's doing?

Some PSP's are completely shutting down all their Magento 1 businesses because of the PCI DSS requirements. Some are not making any statements at this point, and a few other PSP's are doing the same as MultiSafepay with Mage One and (other) security measures. This only demonstrates the uncertainty in the market and the complex nature.

Does this only apply to businesses processing credit cards and or PayPal?

Yes, the Mage One or additional security measures are only mandatory for businesses processing credit cards and / or PayPal. For all other businesses we still recommend additional security measures.

If I’m not a MultiSafepay merchant?

If you’re currently not processing your transactions with MultiSafepay and want to remain on Magento 1, please follow this link.

 

For even more questions please reach out directly to [email protected].