RSS Feed
News
Apr
10
"Heartbleed" SSL bug
Posted by Jonathan S on 10 Apr 2014 11:07

Over the last few days, the online world has been reeling from the discovery of a bug in OpenSSL (colloquially dubbed "Heartbleed") which secures an incredibly large amount of the world's secure communications.

You can read more about this bug on our blog as well as on the main Heartbleed wesbite.

In response to the discovery of this bug, PayFast has taken the following action:

  • The bug was patched on all affected systems as soon as we became aware of it
  • As a precautinary measure, we have re-issued all our security certificates

You can verify that we are no longer vulnerable to this bug (as well as the high quality of our SSL implementation) at: https://www.ssllabs.com/ssltest/analyze.html?d=payfast.co.za

While we don't believe it is necessary, we recommend that users (particularly sellers/receivers) change their passwords or enable 2 factor authentication on their account for added security.