Magento announces the official support to MD5 based hash usage till 14th March 2019. MD5 is an older hash method used for direct post payment methods. It seems MD5 is less secured compared to SHA512 in terms of its computing power and hence the shift is made imperative. 
Merchants using this <a href="https://en.wikipedia.org/wiki/MD5" target="_blank" rel="noopener">MD5</a> based transHash element should replace the existing MD5 hash with the Signature Key (SHA512). The merchants using this configuration have already been emailed about the update.
The interface that controls the MD5 will also be removed and the transHash element will also stop returning values soon. 
The two-phase removal of MD5 will have no impact on the API response. So, don’t worry!
You can check out the latest updates on the official Magento <a href="https://support.magento.com/hc/en-us/articles/360024368392-Update-Authorize-Net-Direct-Post-from-MD5-to-SHA-512" rel="nofollow">site</a>. This news may have severe impacts on merchants who use Authorize.net Direct post methods in Magento. 
Also, the official site mentions about the release of an extension to replace Direct Post starting with version v2.3.1 for commerce and Open source. The expected date of release is not out yet. 
Magento open source, Magento Commerce, and Magento cloud merchants will no more be able to process payments using <a href="https://www.authorize.net/" target="_blank" rel="nofollow">Authorize.Net</a> Direct Post payment methods. 
To move ahead successfully with the service, Magento has provided a <a href="https://magento.com/tech-resources/download">patch</a> for such merchants. Merchants only need to replace the existing MD5 hash with a Signature Key in the configuration settings.
Know more about the affected versions:
<ul>
<li style="font-weight: 400;">Magento Commerce 1.X.X</li>
<li style="font-weight: 400;">Magento Open Source 1.X.X</li>
<li style="font-weight: 400;">Magento Commerce 2.X.X</li>
<li style="font-weight: 400;">Magento Open Source 2.X.X</li>
<li style="font-weight: 400;">Magento Commerce (Cloud) 2.X.X</li>
<li style="font-weight: 400;">Authorize.Net Direct Post</li>
</ul>
<h3 id="1-with-just-three-simple-steps-you-can-continue-to-use-the-authorize-net-post-payment-methods">With just three simple steps you can continue to use the Authorize.Net Post Payment methods.</h3>
<h3 id="2-1-apply-the-patch">1. Apply the Patch:</h3>
<a href="https://www.elsner.com/hire-magento-developer/" target="_blank" rel="noopener">Hire Magento developer</a> for assistance. Download and install the Magento packages based on your version. Patches are also available for a composer installed versions. 
For Magento Commerce:
<ul>
<li style="font-weight: 400;">Go to My Account;</li>
<li style="font-weight: 400;">Navigate to Downloads and select the Magento edition and version;</li>
<li style="font-weight: 400;">Select Support and Security patches and then Security patches;</li>
<li style="font-weight: 400;">Download and Install Authorize.Net direct post signature key;</li>
</ul>
 For Magento Cloud:
Apply the patch and deploy.
<h3 id="3-2-acquire-the-new-signature-key">2. Acquire the new Signature Key:</h3>
Get the new Signature Key and add it to the Magento Admin Configuration. 
<ul>
<li style="font-weight: 400;">Log in the Merchant interface;</li>
<li style="font-weight: 400;">Click on Account;</li>
<li style="font-weight: 400;">Select Settings from the main left-side menu;</li>
<li style="font-weight: 400;">Click on API Credentials and Keys;</li>
<li style="font-weight: 400;">Select the Signature from the options available;</li>
<li style="font-weight: 400;">Click Submit to go ahead;</li>
<li style="font-weight: 400;">Request and Enter PIN verification;</li>
<li style="font-weight: 400;">As soon as your new Signature Key is displayed, copy it to your Magento Admin configuration.</li>
</ul>
<h3 id="4-3-update-the-magento-admin-configuration">3. Update the Magento Admin Configuration;</h3>
Follow the below-mentioned steps:
<ul>
<li style="font-weight: 400;">Log in the Admin interface;</li>
<li style="font-weight: 400;">Click on Store; then under settings click configuration;</li>
<li style="font-weight: 400;">Select Sales then Payment Methods;</li>
<li style="font-weight: 400;">Enter the copied SHA 512 Signature Key;</li>
<li style="font-weight: 400;">Select the Save Config option.</li>
</ul>
<img loading="lazy" class="aligncenter size-full wp-image-12142" src="https://www.elsner.com/wp-content/uploads/2019/03/auth-net-signature-key-m2.png" alt="auth-net-signature-key-m2" width="827" height="412" srcset="https://office.elsner.com/wp-content/uploads/2019/03/auth-net-signature-key-m2.png 827w, https://office.elsner.com/wp-content/uploads/2019/03/auth-net-signature-key-m2-300x149.png 300w, https://office.elsner.com/wp-content/uploads/2019/03/auth-net-signature-key-m2-768x383.png 768w" sizes="(max-width: 767px) 89vw, (max-width: 1000px) 54vw, (max-width: 1071px) 543px, 580px" />
Magento 2 Authorize.Net Direct Post configuration screen
<img loading="lazy" class="aligncenter size-full wp-image-12143" src="https://www.elsner.com/wp-content/uploads/2019/03/auth-net-signature-key-m1.png" alt="auth net signature key m1" width="554" height="243" srcset="https://office.elsner.com/wp-content/uploads/2019/03/auth-net-signature-key-m1.png 554w, https://office.elsner.com/wp-content/uploads/2019/03/auth-net-signature-key-m1-300x132.png 300w" sizes="(max-width: 554px) 100vw, 554px" />
These steps will successfully update the Signature Key and the payment processing will continue. For any further changes, Elnser will keep you updated.

Do you want more traffic?

Digital Transformation begins here!

You may also like

Technology Moves
Fast, So Do We

Share this topic on

Do you want more traffic?

Digital Transformation begins here!

You may also like

Technology Moves Fast, So Do We

Technology Moves
Fast, So Do We