That’s correct, your canister needs to expose a method to accept notifications. Note however, that if anybody was allowed to call ledger notify method, you’d still need such a method: Ledger’s notify just calls transaction_notification method on the destination canister, just as the original caller might have done. The main difference between calling transaction_notification directly or doing this through the ledger’s notify call is the receiver of the notification will see a different values of the caller attribute.
It’s indeed easier to validate transactions if the notification comes directly from the ledger, but this mechanism was never intended for the general use: it scales poorly and it has security risks for the ledger canister. The notify mechanism is likely to be removed from the ledger interface in future.
Im my recent community conversations talk, I described a way to validate transactions on the Ledger without relying on Ledger notifications. @kpeacock is also working on a service that will provide a simplified payment validation mechanism: Payments - Invoice Canister Design Review