Posted: January 11, 2019 at 2:35 pm
|
OK Anyone, I just got this notice. Is this something I need to worry about? If so, what changes are needed? I am running EE3 Business level. Thank you in advance. PS – Can we get some Square support for EE3 so I can switch to that and drop Authorize.net entirely? Authorize.Net is phasing out the MD5 based transHash element in favor of the SHA-256 based transHashSHA2. The setting in the Merchant Interface which controls the MD5 Hash option will be removed by the end of January 2019, and the transHash element will stop returning values at a later date to be determined. We have identified that you have this feature configured and may be relying on MD5 based transHash in transaction responses for verifying the sender is Authorize.Net. Please contact and work with your web developer or solutions provider to verify if you are still utilizing MD5 based hash and if still needed to move to SHA-256 hash via Signature Key. Please refer your developer or solution provider to our Transaction Hash Upgrade Guide for more details and information on this change. |
Hi there, May I ask are you using SIM or AIM on your EE3 site? If you’re not sure, you go to Event Espresso > Payment Settings and check which of the two are activated? |
|
|
Josh, SIM gateway. |
In that case, you’ll go to Event Espresso > Payment Settings > Authorize.net SIM settings and uncheck the box next to “use md5 check to secure payment response” then click the Update button. |
|
|
Josh, Thank you. The interesting thing is that the box was not checked to begin with, but I did have the MD5 key loaded. Authorize.net said that I was using the MD5, but that was either old info or they saw the key during transactions, even thought the box was not checked. |
That’s strange, and maybe you should also remove the MD5 key from the settings page too. |
|
|
Is the new transHashSHA2 available in EE3 via Authorize.net AIM? I don’t see it in the settings, but wanted to check if maybe it was built in or available elsewhere. Thanks |
|
I have the same issue, but on EE4. I don’t see the same options on the payment settings page. Is this something I need to worry about on EE4? |
with EE4 it’s recommended to switch to the Authorize.net Accept gateway because Authorize.net has deprecated the SIM gateway. You can download the Accept gateway from your account page, and here’s a link to its set up guide: |
|
|
Thank you! |
|
What is the suggestion for EE3 running AIM? I am not seeing any settings for MD5. Thanks for any help! |
Hi, The reason you’re not seeing any settings for MD5 for Authorize.net AIM is because that gateway does not use MD5. You could continue to use EE3 with AIM for as long as Authorize.net continues to process payments from AIM. Please note that AIM has been deprecated by Authorize.net. They’ve not published an end-of-life date for the older AIM API, but that could change in the future. With that in mind it’s advised to migrate to EE4 so you can use the newer gateways available with EE4. |
|
|
Thanks, Josh! Is it possible to run EE3 and EE4 concurrently on the same site? We do not have any downtime with our events and I would prefer to transition only new events to EE4 if we were to make the switch. Also, is that available as an included download with my license or would I need to make a separate purchase? Sorry I am getting off topic of the original post! |
No. They’d need to be separate sites.
Yes. EE4 is included with your support license.
Please feel free to start a new topic if you have any follow up questions. |
|
The support post ‘Authorize.net Important MD5 Hash Removal/Disablement Notice’ is closed to new replies.
Have a question about this support post? Create a new support post in our support forums and include a link to this existing support post so we can help you.