SSLv3 and POODLE Security Vulnerability
Checkout Credit Card Processing and SSL
It has been reported that there is a vulnerability using SSLv3
for secure browsing and online communications. When using a
browser or when two applications or servers speak to each-other
securely over the internet, they do this on a secure socket using
encryption methods like SSL or TLS. These methods encrypt
messages being sent between your browser (or an embedded browser
within an application like Checkout) or between an application and
To learn more about the vulnerability and what SSL is, this article from Forbes does a nice job laying out it.
Due to this new vulnerability that has been reported, Forte who provides the gateway used for processing your credit card transactions, will be sunsetting the support of the SSLv3 method of creating a secure connection to their servers. A more up to date method will used for creating these connections which is called TLS.
When Checkout processes credit card transactions, you are entering a credit card number to process a transaction (or to store it on Forte's secure servers for future use) on Forte's securely hosted form. We display this web page/form to the user using a browser window that is essentially embedded within Checkout (we don't launch your browser). We are working on ensuring that the browser technology that we use when displaying these forms is up to date to support the latest TLS methods.
It is recommended that you ensure that you are using up to date and supported versions of your browsers and operating systems.