The Impact of the Magento 1 End-Of-Life on PCI Compliance

June 3, 2020/in Magento 2.0, Security, Upgrades & Updates /by Maria Alcones

What it means to be PCI Compliant and why it is important.

PCI Compliance is an essential component of any credit card companies security protocol. Being PCI compliant means consistently adhering to a set of guidelines set forth by the PCI Standards Council, an organization formed in 2006 for the purpose of managing the security of credit cards for online and offline transactions.

All companies that process credit card information are required to maintain PCI compliance as directed by their card processing agreements. PCI compliance is an industry-standard and requirement. Businesses that do not adhere to these standards can be held accountable for agreement violations and negligence.

Magento 1 EOL and the impact to PCI Compliance

As of June 30, 2020, Magento is ending support for all versions of its Magento 1 e-commerce platform. This means that Magento/Adobe will no longer be providing bug fixes, upgrades, and most importantly security patches. It is assumed that without Magento/Adobe’s oversight of Magento 1’s security, that no one will be monitoring or detecting any future vulnerabilities. Actually, malicious characters will continue to look for vulnerabilities and exploits to attack. The versions of Magento 1 that are impacted include Magento Commerce 1 (formerly known as Enterprise Edition) and Magento Open Source 1 (formerly known as Community Edition).

PCI Non-Compliance Global PCI DSS standards require each entity to “develop and maintain secure systems and applications by installing applicable vendor-supplied security patches.” If you continue to use Magento 1 after June 30, 2020, your Magento instance is at risk for being out of compliance with Payment Card Industry Data Security Standards (PCI DSS). Your payment processors and merchant banks may view your Magento instance as no longer being secure and consequently non-compliant. Here are a few announcements from major payment processors related to Magento 1 end-of-life and PCI compliance.

PayPal is indicating that you have one month after June 30, 2020 to get PCI Compliant. They also indicate that all payment processors have the same obligations and requirements under PCI DSS.

What are your options?

Magento 1 merchants must take immediate action and should be actively planning and pursuing migration to Magento 2 or a modern actively-maintained e-commerce platform. Simply put, the risk and opportunity cost of maintaining a Magento 1 instance will increase over time the technology becomes more obsolete, and nefarious characters look for opportunities to exploit Magento 1.

Migrate to the Magento 2 Platform or migrate to another vendor-supported platform as soon as possible.
PayPal and Crimson Agility are partnering to provide loans to help small businesses to help with the migration costs of migrating to Magento 2.
Companies like Webscale Networks and Nexcess also offer a safe harbor hosting for your Magento 1 sites if you are unable to migrate off of Magento 1 before the end-of-life. This is a short-term solution, but Crimson Agility can help you understand these options and migrate to these experienced Magento hosting partners. These options are short-term solutions and it is unlikely they address PCI compliance concerns fully.

We can help!

Crimson Agility’s MAGENTO RAPID DEPLOYMENT PACKAGES are fixed-cost implementation solutions. Our packages are great for small to large businesses wanting to move to Magento Commerce® or Magento Cloud Edition®. Crimson Agility’s MAGENTO EXPRESS PACKAGES are available for merchants migrating from Magento 1 or any other e-commerce platform.

At Crimson Agility, we value trust, accountability, best practices, being responsive, and high-quality work. Our ability to provide rapid high-quality implementations of Magento 2 is grounded in our experience, methodology, commit to training, and by our US-based staff of certified Magento professionals.

We are ready to provide a free estimate to upgrade your site.

How Artificial Intelligence can Help Improve e-Commerce Sites

February 6, 2020/in Blog Topics, Ecommerce, Performance, Technology, Upgrades & Updates /by grahamjones

Written by Graham Jones

It wasn’t long ago when we heard the words “I’ll be back,” strewn across the screens of millions. Where a black sunglasses and leather clad Arnold Schwarzenegger stands with a smoking shotgun. He came from a devastated and desolate future ruled by the cruel superintelligence of SkyNet with the steel fist of the Terminators. Is this what is waiting right around the corner for humanity in the years to come?

What is Artificial Intelligence (AI)

According to Merriam Webster:

a branch of computer science dealing with the simulation of intelligent behavior in computers
the capability of a machine to imitate intelligent human behavior

AI is the use of predictive algorithms that use social trends to come to outcomes and that account from previous interactions. Using these features to emulate human behavior and intelligence. See, it isn’t always a robot from the future with a shotgun!

When will Artificial Intelligence be in our Daily Lives

I hate to break it to the people out there terrified by the fact of Artificial Intelligence (AI), but it is already a part of daily life. Have you ever searched on Google and the drop down attempts to guess the search result. That is AI. When you use Siri or Google Assistant to see what the weather outside is. That is AI. When you get a fraud notification from your bank stopping a possible threat to your identity. That is AI. I know this might be frightening, or surprising information to some. However, this can possibly help your e-commerce site get to the next level.

How can AI Help Improve E-Commerce Sites

Chatbots

Chatbots allow a way to provide customer service while simultaneously freeing up human resources saving you money and employee frustration. They provide quality customer service 24/7 with quick responses that can satisfy the most frustrated of customers. Using Chatbot AI it can reduce user errors. Plus they can sprinkle some humor into any conversation, and they never are in a bad mood.

Inventory Management

Through the use of Artificial Intelligence inventory has never been easier to manage warehouse inventory around the world. AI has the capability to predict demand based on algorithms and external data. It can sort through massive amounts of data to determine trends and help keep items in stock. Adding the fact that robotic automation is helping save costs, streamlining production, and eliminate user error. Keeping your customers happy and your profits up.

Recommendation Upselling

Through the collection of previous users and visits to a website, AI can determine trends and pinpoint products that a specific customers might want. This provides a personal touch to an immersive website experience that allows the customer to see the products they want. Not having to wade through products that are less desirable can make the shopping experience even more streamlined.

So about the Takeover…

AI contributes to our daily life constantly whether we notice it or not. The desolate future that we see in the movies is not an issue of today. It isn’t evil, but a beneficial tool. Why not let it be a solution or improvement to some of your e-commerce needs? Let Magento be the catalyst to improving your business. Contact Crimson Agility for your Magento needs “come with us if you want to live” and get even higher profits.

Until next time, let’s get social! Like us on Facebook, follow us on Twitter, Instagram and on LinkedIn.

About the Author: Originally from Canada, My family and I moved down to Arizona when I was young providing me the great opportunity to grow-up in this beautiful state and country. I previously worked in the medical field as a Quality Assurance Manager, and was given the great opportunity to break into the field of eCommerce. I am excited to work for the Crimson Agility Team as a QA Analyst!

Tips and Tricks for Styling Magento 2 Websites

February 6, 2020/in Blog Topics, Ecommerce, Magento 2.0, Technology, Upgrades & Updates /by rsamartino

Written by Rich Samartino

One of the driving principles in software development is DRY – ‘Don’t Repeat Yourself’. This has led to the rise of package managers like PHP’s Composer, which is utilized by Magento 2 – one of the key differentiators between it and Magento 1.

In a similar way, Magento 2’s usage of the Less CSS preprocessor allows frontend developers to join the DRY movement. Instead of redeclaring font colors, page widths, or input border styles in multiple places, CSS preprocessors allow these values to be declared as variables.

An even more powerful feature is mixins, which allow entire blocks of styles to be declared as a kind of function, with or without arguments, that can then be used in multiple places. It is similar in concept to declaring a PHP abstract class which is then used as-is or modified by the implementing child class.

The Magento team built an extensive frontend library utilizing Less variables and mixins so that developers can customize the default theme with minimal amounts of custom code. Below, I’ll show some examples how to do this, and highlight some other useful features to make your frontend Magento 2 development a little easier.

Utilizing the Magento UI Library

As documented in Magento DevDocs, your custom theme can totally transform the look and feel of default Magento styles simply by redefining a few Less variables, as shown in this example:

Ideally, your variable redefinitions should go in <theme_dir>/web/css/source/_extend.less (they can also go in <theme_dir>/web/css/source/_theme.less, but this will override the parent theme’s _theme.less file.)

One question is, how do you know which variables to override? Consult the Magento UI Library docs, or inspecting default styles in the browser (made easier with CSS source maps and Grunt, covered below), will reveal which Less mixin is outputting the style, and inspecting that mixin will tell you which variable contains the value you want to change.

For example, the Luma theme styles primary action buttons here with a mixin defined here. Looking at that mixin, you can see that various button styles default to Less variables; for example the background color defaults to the @button-primary__color variable. So, redefining the @button-primary__color in your _extend.less file will change the background color of those buttons throughout the website.

It’s worth reading through the DevDocs on this topic and familiarizing yourself with all of the different mixins and variables used by the UI Library because it will save you a lot of lines of code now and make your styles much more maintainable and extendable in the long run – unless you’re a WET programmer – ‘we enjoy typing’ 😉

Using Mixins Defined in _utilities.less

Some handy (and less documented, as far as I can tell) mixins are located in _utilities.less. Some styles, like flexbox, require vendor prefixes to maintain compatibility with older browsers. Magento wrote a mixin to save you from typing out these prefixes. There’s also a more generic .lib-css() mixin that will output these vendor prefixes for any CSS style if the @_prefix argument is specified.

Again, it could be worth spending a few minutes perusing _utilities.less since some other handy mixins are included, like .lib-url which makes referencing asset urls a little easier (but mysteriously isn’t used in core code anywhere…)

All Styles Should Be Wrapped in Magento Media Query

Personally I don’t think this was a great idea by Magento, but all styles, even those which don’t target a certain screen size, should be wrapped in a media query, or else they will be output in both styles-m.css and styles-l.css, making browser debugging harder and file sizes bigger. You can find many examples of these media queries in core code, including here.

Compiling Styles with Grunt

Your frontend development will be made much easier by using Grunt to compile styles, rather than clearing pub/static and relying on PHP to process Less styles. Grunt compiles styles faster and produces CSS source maps, which allow you to see exactly which Less file styles are coming from in your browser. Grunt setup and usage is well documented here.

Conclusion

As you can see above, taking some time to investigate Magento’s Less-based UI Library will make writing styles for Magento much more interesting, less repetitive and more maintainable.

While this is all a great improvement over writing styles in .css files, technologies such as Less and Grunt, originally included in Magento during its development ~5 years ago, have been surpassed in popularity or technological superiority by Sass, Gulp, npm scripts, webpack and probably many other technologies I’m not aware of. Additionally, Magento might have chosen to base its default styles on a more actively developed library like Bootstrap, which can be included in a project’s build pipeline using Sass files and extended similarly to how I described extending Magento’s homegrown UI Library above.

So, try to master, but don’t feel limited by Magento’s default styles framework. Here at Crimson Agility’s Arizona office, our goal is to make your code as DRY as the Sonoran Desert 🙂

Until next time, let’s get social! Like us on Facebook, follow us on Twitter, Instagram and on LinkedIn.

About the Author: Drawn to the open source, modern architecture of Magento 2, Rich has channeled his passion for technology into mastering the trade of E-Commerce Engineer. Originally an IT major, Rich spent several years away from technology exploring many ‘offline’ aspects of life, picking up skills such as knitting and guitar-playing, but eventually gravitated back to technology to build web applications for several nonprofits. With the seed of object-oriented web development planted, Rich continued to blossom as a web developer with an innovative sleep technology company, playing an integral role in launching its new Magento 2 website. Hungry for more Magento 2 experience, Rich has landed at Crimson Agility, where he looks forward to applying his talents to build you a great website!

Why Magento Best Practices are Important to Your Business

January 3, 2020/in Blog Topics, Development, Ecommerce, Magento 2.0, Technology, Upgrades & Updates /by

Written by Erica Summers

What are you really getting out of a team of Magento experts? Why pay the extra fee to do something the “best practice” way, instead of the quickest or cheapest? And what will one approach versus another cost you in the long run?

If you ever hear from a development team about doing things to follow “best practice”, or are working on estimating different tasks or features and get a few different approaches and time estimates, there’s a very important reason why. It comes down to the versatility of Magento. For instance, Magento’s open source platform has been around for over a decade. It’s a large, complex piece of software that is continually growing and changing, with a large worldwide community of developers continuously improving it. With this never-ending change and growth, code ends up being refactored, standards change, and new features are added. All of this translates into one important takeaway: there is no one way to get something done.

In fact, for any given task or feature there’s probably tens or hundreds of different ways to do the exact same thing, and at one given point in time some of them were the “best practice” way, but that changed and has now become obsolete.

So what does this mean for you as a client?

In short, it comes down to picking the right team and knowing you can rely on their expertise.

There is a growing number of Magento-specific developers and each will have their own way of doing things. Often, you get what you pay for, with cheaper services getting the same thing done but in a way that’s inefficient, disorganized, and ends up costing more in the long-run to fix or upgrade when needs change. Sometimes you’ll lose inbuilt Magento features, or they won’t work as intended because updates were not completed in a way that is upgrade-safe working within Magento official guidelines.

The value you get when working with a certified Magento partner is knowing that not only will the work get done and things will be up and running, but that we will ensure we are working within best practices, keeping up with the standards. This means you have a reliable site that leverages all the exciting inbuilt Magento features and is easy to upgrade, customize, or change. It gives you more flexibility, ability to grow, and reduce cost over time. It also means that you’ll work with a team who won’t just hack at the code to get something done, but will think critically about what the best approach is to get the work done, and how it might need to grow in the long run.

You need a team focused on the big picture. A team that’s dedicated to high-quality service, keeping up with industry standards, and is always learning and growing.

That’s where we come in.

How Can Crimson Agility Help you Graduate to Magento Commerce 2?

We have migration options! We offer three MAGENTO QUICK START PACKAGES that are fixed-cost implementation solutions. Our packages offer great price points whether you are a small business or large enterprise wanting to move to Magento Commerce. Making the move doesn’t have to be hard and will result in improved security & performance, seamless shopping everywhere with PWA, increased conversion rates, more streamlined operations, and a better overall end-user experience.

Contact us today and learn more, we are here to help and love what we do.

About Author: Erica Summers, is passionate about both design and functionality, creating the best tool for the job and then giving it an edge. I started as a designer and front-end developer over a decade ago before jumping into JavaScript and PHP and have been focused on backend ever since. I love technology and finding new creative ways to solve problems! Also, I’m new to Arizona and learning my way around the area but I’m loving it so far!

Until next time, let’s get social! Like us on Facebook, follow us on Twitter, Instagram and on LinkedIn.

Previewing Local Development with WSL 2

December 19, 2019/0 Comments/in Development, Ecommerce, Magento 2.0, Performance, Support, Upgrades & Updates /by David Orlando

Why You Should Upgrade to Magento 2.3

June 11, 2019/0 Comments/in Blog Topics, Ecommerce, Magento 2.0, News, Security, Upgrades & Updates /by

Magento has announced that as of January 2020, Magento 2.2 will no longer be supported. This means new versions will no longer be released for any Magento 2.2 instance, whether it’s security updates or bug fixes. With this news, you should be looking to upgrade to Magento 2.3 in the near future. In this post, I will explain the major differences between 2.2 and 2.3, and why you should be upgrading. There are many minor bug fixes and security updates that have happened in the changelogs for 2.3, but I will be mainly focused on the major changes: new functionality and major security improvements.

Magento Open Source

Magento Open Source 2.3 comes with quite a few new features, such as Multi Source Inventory, PWI, declarative schema, GraphQL, and many others. In this section we will go in-depth for each one.

Multi-Source Inventory

Multi Source Inventory (MSI) allows merchants to have multiple different warehouses, brick and mortar stores, or distribution centers, and ship from each one depending on which location has the product ordered in stock and even which warehouse is closest to the shipping address on the order. This can help decrease not only shipping times, but also shipping costs.

PWA Studio

Progressive Web Apps (PWA) Studio allows for developers to create a much more intuitive mobile application and can increase performance on mobile devices immensely. In 2018, over 52% of all web traffic came from mobile devices, so having a performative, intuitive, and attractive mobile website is vital in today’s day and age.

GraphQL

This is more of a developer’s tool, however it’s incredibly useful. This allows much quicker and easier manipulation of databases. When used correctly, it can send and receive database information much more efficiently than the standard MySQL system that Magento 2.2 uses

Declarative Schema

This is another developer tool but is also really helpful for Magento when releasing new security patches. Declarative schema allows developers to declare how they want the database to be structured without having to maintain an upgrade or install script in the module. This means that Magento can make database schema changes in patches, which wasn’t previously possible.

Magento Commerce

Magento Commerce has all of the Magento Open Source changes, along with a few extras. In this section we will go over a few of the improvements that aren’t included in the Magento Open Source Version.

Page Builder

One of the most impressive improvements in Magento 2.3 thus far is the page builder. This has vastly improved the CMS content development and makes it extremely easy for merchants to set up their static content without the need of a developer.

CMS Improvements

In situations where you use the WYSIWYG editor but the page builder isn’t available, the WYSIWYG editor has also had some great improvements. If you’ve used the Magento 2.2 WYSIWYG editor, you have probably noticed a plethora of icons, many of which are hard to understand. In 2.3 they streamlined the WYSIWYG editor to look much more simplistic and easier to understand.

There’s a multitude of reasons to upgrade to Magento 2.3. Due to a SQL injection vulnerability found in 2.3.0, we highly recommend skipping 2.3.0 and upgrading straight to 2.3.1. If you are already on 2.3.0 and haven’t applied the patch to fix the vulnerability or upgraded to 2.3.1, upgrade immediately. For those of you currently on 2.2, due to Magento dropping support of 2.2 as of January 2020, it’s best to upgrade soon. We can help you upgrade to 2.3.1 as well! Just contact us here so we can get started.

Have you heard about our new webinar happening on June 20th? We are going to be discussing about B2B commerce and using Magento 2.3 It will begin at 9:00 AM

Until next time, let’s get social! Like us on Facebook, follow us on Twitter, Instagram and on Linked In.

Thanks for stopping by!

Crimson Agility Team

UPGRADE TO MAGENTO 2.3.1

March 27, 2019/0 Comments/in Magento 2.0, Support, Upgrades & Updates /by David Orlando

Magento is making increasing headway in e-commerce innovation and that trend continues with Magento Commerce and Magento Open Source 2.3.1. The new update offers merchants better control, creation tools, and will save you time and money when interacting with your e-commerce site.

There are over 200 improvements included in this update. You can look forward to merchant tool enhancements such as improved order creation workflow, Distance Priority Source Selection algorithm (SSA) option in Multi-Source Inventory, and enhancements to mass inventory transfers. Additionally, the Progressive Web App (PWA) studio now has more tools than ever before to help you build and deliver state-of-the-art mobile experiences. The update also offers the latest version of PayPal Express Checkout, Venmo, Shipment Cancellation, and enhancements to many of Magento’s existing features. For B2B customers, 2.3.1 now supports address books of more than 3,000 entries.

If you’re interested in upgrading your Magento site, contact us to schedule a complimentary assessment and estimate. Crimson Agility is nations’s fastest growing and Magento Professional partners in North America, providing local and nationwide brands both e-commerce and Magento consulting and development services. Simply fill in your information to contact us to schedule your complimentary Magento assessment.

For more information about Magento 2.3.1.