SagePay to drop support for Internet Explorer 6

SagePay have announced today that, as of 21st November, their payment pages will no longer function for visitors using the Microsoft Browser IE6.

Internet Explorer 6 was first released on August 27th, 2001 and is infamous for both its security issues and for its irregular implementation of web standards (meaning that most web sites can only be made to look even reasonably close to how they are supposed to look with a lot of special code specifically to handle IE6).

Due to its age, IE6 is now found on less than 1% of computers in the Western World and only 0.1% in the UK.

This latest move by SagePay is following the revelation of a security vulnerability called "Poodle" and so, in order to avoid customer's card data being compromised they have found it necessary to block any IE6 customers from using their payment pages. This security vulnerability relies on an exploit in the SSL 3.0 security protocol that is the default mode for IE6 - newer browsers will default to using the more robust TLS standard.

SagePay are far from the being the first to drop support for IE6 - Google withdrew support for IE6 on its Gmail site in 2010 whilst Microsoft themselves suggest IE9 is the minimum for accessing Hotmail (Outlook.com). Twitter have also announced today that they are dropping support for SSL 3.0 becuase of this vulnerability.

Discover more: https://www.modern.ie/en-us/ie6countdown