You may have received a sudden email from Authorize.net today about phasing out their older MD5-hash keyphrase validation feature.
Things to note:Authorize.Net is phasing out the MD5 based transHash element in favor of the SHA-256 based transHashSHA2. The setting in the Merchant Interface which controls the MD5 Hash option will be removed by the end of January 2019, and the transHash element will stop returning values at a later date to be determined.
1. This MAINLY affects the Authorize.net SIM module (often seen as "authorizenet" in your Zen Cart admin, not "authorizenet_aim"). See more about the AIM module below.
2. The "end of January 2019" refers ONLY to the ability to set/add/change an MD5 Hash keyphrase in your Authorize.net account admin panel. That option will disappear end of January.
3. The module WILL (at least temporarily) continue to work fine if you ALREADY have an MD5 Hash phrase set. That's what they mean by "will stop returning values at a later date to be determined."
So the good news is that (for now) there's no need to worry about having to "fix" something "today" (ie: January).
We're investigating an update for the SIM module, and will post about it when it's ready later, in about a month.
The AIM module.
Currently, in your Zen Cart Admin payments panel if you have the AIM module enabled and in its settings you have an MD5 Hash value set, the module will check that against the MD5 value set in your Authorize.net account. But if you leave it blank, it will skip the check.
So, if you're using AIM (not SIM), then when Authorize.net finally announces their "later date to be determined", you can just change this to a blank value in order for it to continue without problem. You can also do that today if you wish.
ACTIONS:
If you're using the SIM module, replace it with the attachment in the post below.
If you're using the AIM module, you can blank-out the MD5 Hash setting in your ZC Admin.
Bookmarks