Magento 1 End Of Life Coming Soon
Magento announced the end of support of Magento 1 through June 2020.
— Magento Commerce (@magento) September 6, 2018
Magento will no longer support the Magento 1 (Magento Open Source 1 and Magento Commerce 1) software after June 2020. There will be no security fixes, quality upgrades, patches, and support for Magento 1.x versions.
The consequences of not migrating to Magento 2 can impact the business, because of which Visa and PayPal payment gateway providers urge the merchants to migrate to the latest Magneto 2.3.5 in order to not lose the PCI Compliance.
What will happen if you continue with Magento 1 after June 2020?
- You won’t get any security or platform upgrades
- Lack of tech assistance
- Your store will become vulnerable and a data breach can be easy, leading to negatively affect the brand’s reputation
- Current Magento 1 extensions will no longer be available or not function as expected
- Lack of features that are offered by competitors’ latest Magento 2 store will affect the consumers’ choice. The reduced conversion rate may be the result.
- The performance of the store will degrade over time.
Apart from these, one essential security feature in which you can lack behind is PCI compliance and the e-payment processors Visa and PayPal warns the merchants to migrate to Magento 2 ⚠️
The payment gateway providers urge you to migrate to Magento 2 in order to remain PCI DSS compliant!
Migrate to Magento 2 to remain PCI Compliant:
The Payment Card Industry Data Security Standards (PCI DSS) are the global standards set by the card entities which applies to all the merchants that process payments.
The PCI DSS was founded in December 2004 by these major brands – Visa, Mastercard, American Express, Discover and JCB. In 2006, they formed the PCI Security Standards Council (PCI SSC), an independent council established to maintain and update the PCI standards.
According to these standards, it is compulsory to develop and maintain secure systems and applications by installing applicable vendor-supplied security patches.
Now without any security patch release, Magento 1 merchants will no longer be able to meet this requirement.
The Self-Assessment Questionnaire (SAQ) form can help you validate your PCI compliance. One of its requirements is to install vendor-supplied security patches within one month of release. As Magento will no longer offer security patches after June 2020, the merchants won’t be able to comply with the Requirement 6 which is about developing and maintaining the security systems and applications by installing the applicable vendor-supplied security patches.
6.1 Establish a process to identify security vulnerabilities, using reputable outside sources for security vulnerability information, and assign a risk ranking (for example, as “high,” “medium,” or “low”) to newly discovered security vulnerabilities.
6.2 Ensure that all system components and software are protected from known vulnerabilities by installing applicable vendor-supplied security patches. Install critical security patches within one month of release.
PCI DSS guidelines include:
- Build and maintain a secure network and system
- Protect cardholder data
- Maintain a vulnerability management program
- Implement strong access and control measures
- Regularly monitor and test networks
- Maintain an information security policy
If your Magento 1 store loses the PCI compliance, the customers won’t trust your business with their card data.
That’s why the payment processors Visa and PayPal urge the merchants to migrate to Magento 2, get PCI compliance.
Promote that to the customers, ensuring them that your business is serious about security and every step required for the protection of their sensitive data is taken!