Post by brettcyr » Fri Jan 18, 2019 11:33 am

I received this information from Authorize.net and wanted to know if anyone has figured out how to implement this...I have NO CLUE how to do this..

Authorize.Net is phasing out the MD5 based transHash element in favor of the SHA-256 based transHashSHA2. The setting in the Merchant Interface which controls the MD5 Hash option will be removed by the end of January 2019, and the transHash element will stop returning values at a later date to be determined.

We have identified that you have this feature configured and may be relying on MD5 based transHash in transaction responses for verifying the sender is Authorize.Net.

Please contact and work with your web developer or solutions provider to verify if you are still utilizing MD5 based hash and if still needed to move to SHA-256 hash via Signature Key.

Please refer your developer or solution provider to our Transaction Hash Upgrade Guide for more details and information on this change.

Newbie

Posts

Joined
Fri Jun 17, 2016 9:27 am

Post by jwyatt » Thu Jan 24, 2019 5:45 am

I also have this question. It is quite concerning. I reached out to Authorize.net and they said it's possible it would result in errors appearing post check-out, which would likely mislead customers to think their order failed (when in fact they did get charged). Meaning they would probably try again (and get charged again). Yikes! Hoping someone has some insight on this too =)

Newbie

Posts

Joined
Thu May 31, 2018 5:38 am

Post by JohnnyCee » Fri Jan 25, 2019 3:01 am

At this point, it looks like I have to drop Authorize.net or opencart. <sigh>

Newbie

Posts

Joined
Wed Oct 26, 2016 7:18 am

Post by Hillbilly57 » Fri Jan 25, 2019 6:47 am

Alas, I'm faced with the same issue. I've got too much time and money invested in OpenCart to ditch it, but it looks like I may have to.

A hillbilly in America


Newbie

Posts

Joined
Thu Dec 13, 2018 11:27 am

Post by Hillbilly57 » Fri Jan 25, 2019 7:11 am

I found an SIM payment extension that, among many other features, claims to provide a solution to the Authorize.net hash problem. I'll install on client approval and get back with a report.

Here it is - http://tinyurl.com/yb8qxqpy

A hillbilly in America


Newbie

Posts

Joined
Thu Dec 13, 2018 11:27 am

Post by jwyatt » Tue Jan 29, 2019 5:50 am

We recently reached out to a local developer, and she explained to me that MD5 is something that shopping cart platforms across the board have been anticipating for nearly a decade. She said many of her clients received the same warning from Authorize.net, even though their shopping cart platforms were fully up to date.

Furthermore, when I contacted Authorize.net's chat support, they informed me that ALL customers received this message. In other words, many people received this warning whether or not it pertains to their site.

The developer I just spoke with encouraged me to look into whether or not OpenCart (in our case, 2.2.0.0, which is only a few years old) did prepare for MD5, and her sense was it probably already did. I'll search these forums to see if I find anything speaking to this, and report back.

Newbie

Posts

Joined
Thu May 31, 2018 5:38 am

Post by jbcul » Fri Feb 15, 2019 2:04 pm

I posted about this in October last year but since I mentioned it in a 2nd post, I was pointed back to my other post and told it was redundant and the call would be canceled. In typical OpenCart fashion, my face was rubbed in the redundancy but nobody had the courtesy to tell me if OpenCart was going to deal with this. There was a vague reference to Daniel and the Developers GitHub but again, no clue if this will be ignored and sites using Authorize.net will suddenly be without a payment solution.
It would be nice if anyone would give an update. I don't want to leave Authorize.net and can't leave OpenCart at this time due to the work involved.

New member

Posts

Joined
Fri Feb 01, 2013 9:18 am

Post by Hillbilly57 » Tue Feb 19, 2019 2:38 pm

I tried the plugin I mention in a previous post - Authorize.net SIM integration + iFrame. It's not terribly cheap ($79.99) but it works like a charm, worth every penny to me. http://tinyurl.com/yb8qxqpy

A hillbilly in America


Newbie

Posts

Joined
Thu Dec 13, 2018 11:27 am

Post by UnaBower » Tue Feb 19, 2019 3:07 pm

Additionally have this inquiry. It is very concerning. I connected with Authorize.net and they said it's conceivable it would result in blunders showing up post registration, which would probably misdirect clients to think their request fizzled.

Newbie

Posts

Joined
Thu Feb 07, 2019 2:48 pm
Who is online

Users browsing this forum: thekrotek and 10 guests