Action Required - PayNearMe IP Changes April 16, 2025 (Updated)

Service Bulletin

Action is required to prevent service disruption due to PayNearMe's network security improvements. Share this service bulletin with your IT service provider.

What’s Happening 

PayNearMe is implementing additional improvements to enhance our network security. To ensure uninterrupted service, confirm network and TLS settings before the maintenance window if you use outbound IP restriction or old TLS ciphers.

🗓️ Production Maintenance Window: April 16, 2025 - 12:00-3:00 AM Pacific Daylight Time

Potential Impact

Outbound access to PayNearMe may be interrupted if your network and TLS settings are incorrect. This may affect the PayNearMe Business Portal, Agent Interface, API integrations, and SFTP file transfers.

No other service impact is expected beyond brief DNS propagation during the maintenance window.

Required Actions

1️⃣ Domain or IP Allowlisting

Ensure your firewalls allow traffic to PayNearMe domains through Fastly’s IP addresses.
Allow paynearme.com and paynearme-sandbox.com. Refer to the following documentation for details.
🔗 PayNearMe Domain or IP Address Allowlist
🔗 Fastly IP Allowlist 

2️⃣ TLS 1.2+ Configuration

Your systems must support TLS 1.2 or higher. Disable outdated or insecure cipher suites such as SHA-1.
🔗 PayNearMe Required TLS Settings
🔗 Fastly TLS Best Practices
🔗 How to Check Your TLS Version and Cipher Suites

How to Confirm

✅ Test functionality with our sandbox environment paynearme-sandbox.com

✅ Please reply confirming functionality, specifically:
✔ Your network/firewalls allow paynearme.com and/or Fastly IP Allowlist.
✔ Your TLS settings follow Fastly TLS Best Practices and outdated ciphers have been disabled.

Please review and confirm your network firewall and TLS configuration with your IT service provider. It is crucial that you share this service bulletin with your IT service provider, as they will need to make the required configurations. PayNearMe has no visibility into internal network configurations.

Contact support@paynearme.com with questions or if you experience connection issues.

View glossary of technical terms below.

Glossary

• Allowlist: List internet locations your servers are allowed to talk to.

• API: A set of rules and tools that allow different software systems to communicate and integrate with each other.  - not applicable to all integrations

• CDN (Content Delivery Network): A network of servers distributed across various locations to improve the speed and reliability of delivering online content.

• Cipher Suite: is a set of algorithms and protocols that secure connections between clients and servers. Cipher suites are used with Transport Layer Security (TLS), which is often referred to as Secure Sockets Layer (SSL).”

• DNS (Domain Name System): A system that converts human-readable domain names into machine-readable IP addresses.

• Domain: A unique name that identifies a website, consisting of a name and an extension (e.g., example.com).

• Firewall: A security system designed to monitor and control incoming and outgoing network traffic based on specified rules.

• Host: A specific computer name at PayNearMe domain

• IP Address: A unique address assigned to a PayNearMe computer service

• Production: Live environment for agent and customer transactions

• Sandbox: Test environment

• SFTP (Secure File Transfer Protocol): System for transferring data files and reports - not applicable to all integrations

• Transport Layer Security (TLS): a cryptographic protocol designed to provide communications security over a computer network, such as the Internet. (How to Check Your TLS Version and Cipher Suites)