This applies both to Enterprise and community versions of Magento 1.x.
Starting from Magento Commerce 1.14.4.0 and Magento Open Source 1.9.4.0 PHP 7.2 support will be included in the core.
Resources:
– Magento 1.x PHP 7.2 Patches
– PHP 7.2 Patch install instruction
General Data Privacy Regulations (GDPR) is a set of privacy security standards adopted by EU and is officially in compliance from the 25th of May 2018.
Who does it affect?
It affects all that sells products/services to customers located within the EU, even if the store itself is not located within EU.
What are the penalties for non-compliance?
Organizations can be fined up to 4% of their annual turnover for not being compliance with GDPR. Maximum fine could be €20 Million if it is less than 4% of their annual turnover.
Magento GDPR Compliance Checklist
1. Update Privacy and Terms of Service Information with information that clearly answers to the following:
2. Cookie consent
Visitors to the website needs to be presented with option to accept or deny the use of cookies.
3. Explicit Opt-In for accepting the sites privacy policy and for any subscriptions during checkout/account creaion.
All opt-ins have to be explicitly selected by the customer, pre-checked boxes or formulations in fine print is NOT allowed.
4. Opt-out available for all subscriptions
All subscriptions and all saved data options must have easy accessible opt-out options.
5. Removal or anonymization of Person data.
There needs to be easy accessible options for customers to request their personal information to be deleted or anonymized.
6. Access to all customer data
Under GDPR customers have the right to request a full copy of all personal ta saved on them in the Magento store.
To make Magento GDPR compliance easier, you can use a Magento GDPR compliance extension:
Magento 2:
GDPR for Magento 2 by Amasty
Lets you create privacy policies, collect users consents for personal data processing, and manage all the privacy issues within a single tool.
GDPR for Magento 2 by Aheadworks
Provides the necessary toolset to comply with some of the most essential GDPR regulations.
Magento 1:
GDPR for Magento 1 by Amasty
Lets you create privacy policies, collect users consents for personal data processing, and manage all the privacy issues within a single tool.
What is the GDPR?
The GDPR is a set of regulations regarding the collection, storage and use of customer data that affect all companies doing business inside the EU. This not only applies to EU based companies but also any companies world wide that have any customers/employees/users that are located within the EU.
The GDPR places equal importance to all forms of personal customer data: photos, social media posts, IP addresses, bank details and any identifying numbers such as NI or SSNs. All personal customer data regardless of origin should be opt-in only, stored securely and used only with the customer’s explicit permission.
The GDPR does offer some leeway in regards to “reasonable” level of security and usage of social data. But in all cases the customer/user have to give their explicit opt-in consent for data storage and usage and pre-filled check-boxes and consent “hidden” within conditions/privacy texts are not allowed.
GDPR have three profiles for data handeling:
How will this affect e-commerce businesses?
The GDPR applies to all databases, marketing, sales, HR, accounting; Any way data is stored or processed, will fall under the new regulation. Here are a few key findings from the GDPR statement:
Clear consent for marketing activities
As mentioned above, data subjects (customers/employees/users) must actively opt into marketing activities, no more pre-filled check-boxes or consent below the fold. Whilst this has been best practice from many marketers, what may impact some is the “Use of data for 3rd parties” checkbox, of which now must list the third parties that may have access to their data specifically. All of the above will impact the marketing industry, especially when it comes to personalisation, profiling and any marketing activities that involve big data processing.
The right to be forgotten
It must be easy for customers to not only edit their data and remove consent to marketing activities but also to delete their account and information entirely from a system.The deletion process must be easy to navigate, documented and advertised for those looking to remove their personal data.
Immediate breach response
As of May next year, both controllers and processors of customer data will need to abide by the GDPR. For larger companies, a Data Protection Officer must be appointed, whose first responsibility is to report data breaches and misconduct to the ICO. Online businesses must have a stringent procedure to follow when a data breach is detected and report to both the ICO and data subjects within 72 hours.
Increased fines for non-compliance, breaches, and misuse
With fines up to €20 million, or 4% of annual revenue, SME’s simply can’t afford to make mistakes. Data must be stored securely. Businesses must be responsible for how and where their data is stored, and this may be multiple locations for e-commerce companies utilising third-party software partners. Encryption is a must and strict rules must be in place for data access.
Resources:
– Wikipedia – General Data Protection Regulation
– GDPR L119, 4/5/2016 – Official Journal of the European Union
osCommerce Online Merchant Community Bootstrap Edition v2.3.4.1 Frozen is a stable version that is mobile responsive and PHP7 compatible.
This is the final release of osCommerce Online Merchant Community Bootstrap Edition and it will receive no further changes, fixes or updates.
The code is open source and available on Github for any who wish to use or develop it further.
NOTE: This is not to be confused with the official osCommerce Online Merchant versions which are still being developed and are available for download at the official osCommerce website.
Resources:
– osCommerce Community Bootstrap Edition GitHub
– osCommerce Community Bootstrap Edition v2.3.4.1 Frozen Download
– osCommerce Offcial Website
– osCommerce Official Downloads Page
– osCommerce Forum
PHP 7 represents significant improvements over earlier versions, and its improved speed is especially beneficial for sites running Magento.
Magento 2.X supports PHP 7 from the get-go while Magento 1.9.x , latest version at the time of writing is 1.9.3.6, does not support PHP 7 out of the box.
The fastest way to get magento from 1.9.2.X and up to work on PHP 7 is to use Inchoo’s PHP 7 compatibility extension for Magento 1.
Patching Magento 1.9.2 and up with the PHP 7 compatibility extension will make the core magento run fine on PHP 7.
If your shop has extensions added, these might still not be compatible with PHP 7.
You can contact the authors of your shops extensions and check for PHP 7 compatibility and if they do not support it then you can remove it, request them to make a new version that supports PHP 7 or as long as its not an encrypted extension modify it yourself to work on PHP 7.
A good tool to help in the process of checking and finding PHP 7 related issues the PHP 7 Compatibility Checker is a very useful tool.
This list of PHP 7’s backward incompatible changes is also useful if you want to modify the extensions yourself.
Resources:
– Magento download
– PHP 7 compatibility extension for Magento 1
– PHP 7 Compatibility Checker
– PHP 7’s backward incompatible changes
Magento Community Edition (CE) is now refereed to as Magento Open Source while Magento Enterprise (EE) is refereed to as Magento Commerce.
These new 2.x versions includes many security and functionality enhancements as well as bug fixes which makes updating earlier versions a highly recommended course of action.
Security Enhancements include improved handling of:
– cross-site request forgery (CSRF)
– unauthorized data leak
– authenticated Admin user remote code execution vulnerabilities.
Functionality enhancements:
– Improved PayPal Express Checkout.
– Translations from themes.
– Improved JavaScript-related translation handling.
Resources:
– Magento 2 download
– Magento Open Source 2.2.1 Release Notes
– Magento Open Source 2.1.10 Release Notes
– Magento Open Source 2.0.17 Release Notes
– Magento Commerce 2.2.1 Release Notes
– Magento Commerce 2.1.10 Release Notes
– Magento Commerce 2.0.17 Release Notes
New Opencart 3.0 features:
– Integrated extensions/themes marketplace enabling searching and adding extensions and themes directly in admin.
– Integrated language translations connected to the Crowdin Project in admin.
– Theme editor using Twig for easy design editing via admin.
– Language editor for easy language editing in admin.
Resources:
– Twig
– Crowdin Project
– Opencart
– Opencart Demo
– Download Opencart
These new CE and EE updates include over 15 security enhancements as well as functionality improvements for Magento 2.x.
Mastercard Bin Range Update.
Support for MasterCard BIN number expansion. MasterCard recently added a new series of Bank Identification Numbers (BIN).
The following Magento versions needs to be upgraded or patched to support these Mastercard changes.
– Enterprise Edition 2.1.2 or earlier
– All Enterprise Edition 2.0.x releases
– All Enterprise Edition 1.14.2.x releases or earlier
– All Community Edition 1.9.2.x releases or earlier
Resources:
– MasterCard BIN Range Update
– Magento Community Edition 2.1.7 Release Notes
– Magento Enterprise Edition 2.1.7 Release Notes
– Magento Community Edition 2.0.14 Release Notes
– Magento Enterprise Edition 2.0.14 Release Notes
– Magento Community Edition 1.9.3.3 Release Notes
– Magento Enterprise Edition 1.14.3.3 Release Notes
Work is in progress both on the current stable Oscommerce 2.3.3.4 and the new up and coming Online Merchant v2.4.0 Joli.
The community version is the closest to being fully compatible with PHP 7 as of the time of writing this, and it has its own PHP 7 compatibility branch on Github that is more or less ready to run on PHP 7.
Resources:
– osCommerce
– GitHub osCommerce Responsive Community PHP 7 Compatibility Version
osCommerce v2.4 is mobile responsive, incorporates many of the solutions developed for osCommerce 3.0, has an online update software feature and drop-in add-on install without modifying core code.
Future versions will also have admin side one click app install.
osCommerce V2.4 is open source released under MIT license.
Resources:
– osCommerce V2.4 Demo
– osCommerce V2.4 Download
– osCommerce V2.4 Docs