Magento has officially announced that all versions of Magento 1 will become end of life (EOL) on June 1, 2020. This means that no quality fixes or security patches will be deployed for Magento 1 after this date.
If you are using Magento 1, you will need to migrate to Magento 2 or another platform before June 1, 2020. If you do not, your business could be vulnerable to security breaches, and will not comply with the Payment Card Industry Data Security Standards (PCI DSS).
Impacted Magento 1 versions
All versions of Magento 1 are impacted. This includes Magento Commerce 1 and Magento Open Source 1.
For more information on Magento's software support lifecycle, refer to their Software Lifecycle Policy.
Why you need to migrate
If you continue using Magento 1 after June 1, 2020:
Your risk of a data breach will increase
Magento 1 users will become a security target after June 1, 2020. The damage to your brand and reputation from such a breach can be long-lasting.
You may not be compliant with the Payment Card Industry Data Security Standards (PCI DSS)
The PCI DSS global standards are set by card schemes (such as Visa and Mastercard), and apply to all merchants that process payments. One of these requirements, Requirement 6, is that you will implement security patches to keep your payment-related systems safe and secure.
If you continue using Magento 1 after June 1, without additional security measures, you may no longer comply with this Requirement as Magento will stop releasing security patches. As a result you can be fined between 10,000 and 25,000 EUR per month by card schemes.
To find out what additional security measures you can take to remain PCI DSS compliant, we strongly recommend contacting a Qualified Security Assessor (QSA).
What you need to do
Before June 1, 2020, you will need to migrate to either:
You can find instructions on how to integrate in our Magento 2 documentation.
- Another platform
For a full list of platforms we support with a plugin, see our Partners page.
If you are unable to complete migration by this date, you can use Adyen's Pay by Link integration as a fallback solution.
Temporary fallback option
If you are unable to migrate by June 1, 2020, you can use our temporary fallback option. This will route all your payments through an Adyen-built plugin to an Adyen-hosted Pay by Link page, where shoppers can enter their payment details and complete the payment. This can limit your risk of a data breach.
To use the fallback option, do the following before June 1, 2020:
- Update your Magento 1 plugin to version 2.18.1.
In this version of the plugin you can use both Components and Pay by Link. Our Component solution is native within your checkout. We recommend you update to this version of the plugin soon and continue to use Components. Then when June arrives, you switch to the Pay by Link solution in your Magento configuration settings and we will route all your payments through to the Pay by Link payment page.
- Complete and sign a (new) SAQ A, in which you state that you will actively monitor the link from your webshop to the Adyen hosted payment page.
We will send the SAQ A to you by email, as a DocuSign request, in the beginning of May. This email will have the subject line Complete SAQ A for Magento 1 end-of-life, and will outline some additional steps you should take to secure your systems.
You will be able to process payments with Adyen using this option until December 31, 2020.
We're aware of the time and resources required to migrate to a new system. As a gesture of goodwill, we want to offer one-off compensation to the merchants that have implemented our temporary fallback option before June 1, 2020. If you are one of these merchants, we will reach out to you in July 2020 with more information.
If you need technical help with the migration process, contact your IT department or system integrator.