Good grief.

from the SIM module configuration settings:
Gateway Mode
Where should customer credit card info be collected?
onsite = here (requires SSL)
offsite = authorize.net site

default = offsite
If you want the card to be processed on the Authnet site, set the SIM module into "offsite" mode. Otherwise it'll attempt to collect the card on your site the same way the AIM module will.

No need to hack code at all.


As for the recommendation to use SSL on your site ... ANY site that collects ANY personal information SHOULD protect that info via SSL. The choice is yours, and at the same time it's also the customer's choice. Many people DO in fact refuse to provide personal address information if the page is not protected by SSL. Even SSL-protecting password-entry pages is also preferred, and for many customers if it's not an option, they'll click to another site where they can see that the storeowner cares enough to spend the chump change to get themselves an SSL certificate and treat their customers' data securely. Do what you like, but realize there are consequences to your choice.