Center Stage Software has been getting inquiries from some of our customers who use Authorize.net and have received a notification from them about a Internet-wide security issue, commonly referred to as POODLE.
Here is some important information:
Who does POODLE affect?
Any merchant using Internet Explorer 6 (IE6) to access secure Authorize.Net pages or any merchant whose site or solution uses SSLv3 to post transactions to Authorize.Net.
This does not affect you – unless you are using IE 6. We doubt that anyone is doing this. If you want to check, click on Help | About IE. It will tell you which version you are on.
If your customers use IE 6 as their browser, they will be affected because Authorize.net will refuse transactions from an IE 6 browser.
If you or your customers are using Firefox, Chrome, Opera or Safari, this does not affect anyone at all.
Webtix does not post any data to Authorize.net. Instead, Webtix calls the SIM interface of Authorize.net. At this point, and not before, information gets posted. The information is posted directly from the customer’s browser to Authorize.net. Webtix is not involved.
In other words, the POODLE vulnerability is between Authorize.net and the customer.