I see the Authorize.Net Payment Gateway product info claims here that “MD5 Hash not neccesary as this plugin uses AIM.”

Since this plugin’s connection settings are API keys only, I can only assume that this is also true for the Authorize.Net CIM plugin, but can anyone verify that this is also the case?

Full email body here:
“Authorize.Net is phasing out the MD5 based transHash element in favor of the SHA-256 based transHashSHA2. The setting in the Merchant Interface which controls the MD5 Hash option will be removed by the end of January 2019, and the transHash element will stop returning values at a later date to be determined.

Merchants utilizing this feature will need to work with their web developer or solutions provider to verify if they are still utilizing MD5 based hash and if still needed to move to SHA-256 hash via Signature Key.”

Authorize.Net is phasing out the MD5 based transHash element in favor of the SHA-256 based transHashSHA2. The setting in the Merchant Interface which controls the MD5 Hash option will be removed by the end of January 2019, and the transHash element will stop returning values at a later date to be determined.

We have identified that you have this feature configured and may be relying on MD5 based transHash in transaction responses for verifying the sender is Authorize.Net.

Please contact and work with your web developer or solutions provider to verify if you are still utilizing MD5 based hash and if still needed to move to SHA-256 hash via Signature Key.

Please refer your developer or solution provider to our Transaction Hash Upgrade Guide for more details and information on this change.

Tengo unas dudas respecto a los datos que tengo que a?adir en el plugin.

El caso es que los del Sabadell me han enviado vía sms estos datos: HASH_Pru; Cod_Pru; Terminal

Aparte, el plugin me dice ” obtén una nueva clave SHA256 en el panel de control del TPV e introdúcela en la configuración del plugin.”

Entro en el panel de control del tpv y no encuentro por ningún lado esa clave.

?Tiene algo que ver el HASH_Pru; y el Cod_Pru; con esa clave?

Y sino, ?para que me han dado esas claves?

Hablare el Lunes con los del tpv per si mientras me puedes orientar un poco te lo agradecería.

Saludos

With Google’s (and every other relevant entity’s) push for the security of SHA-256 certificates and encryption, how does this affect My Ticket’s interaction with Paypal?

I can imagine that anyone using an IPN and auto-return will need to set themselves up an SSL.

Apparently nothing comes easy anymore. 8^{

https://www.ads-software.com/plugins/my-tickets/

https://www.ads-software.com/plugins/smart-donations/

https://www.ads-software.com/plugins/seamless-donations/

A few weeks ago, I got messages from a PayPal-related plugin on one site that the server was not using an upgraded SHA-256 SSL encryption. After much go-around with hosting support, it is clear that the server IS using an SHA-256 cert. AND, if I do a check on the main site in the network, it shows the host using SHA-256 algorithm. I am not having this issue on any of the standalone installs on the same server.

I am getting emails from PayPal however, that indicate that PayPal is NOT seeing SHA-256 encryption on the mapped domain. I’ve used a couple of different SHA-checkers, and most are showing the SHA-256, but at least one is not (digicert.com).

I have an email in to PayPal escalated technical support, but I’m wondering if anyone knows if there is something related to the domain mapping causing this, and/or if there might be a way (through htaccess, maybe?) to work around and make sure PayPal “sees” the SHA-256 that is running.

It would seem the chap-secure-login does not like wp-minify-fix
So I had to exclude sha256.js & md5.js from wp-minify-fix.

Also why not beef up this plugin?
maybe do sha-512 or a Salted sha-512 ???
If that’s too hard then do Salted sha-256 just something to keep up with the times.
I don’t want to spend $ on SSL right now so this is the next best thing.
I just wish it was better.

https://www.ads-software.com/plugins/chap-secure-login/

Are you supporting PayPal’s service upgrades? Specifically, PayPal is upgrading their certificate to use SHA-256, which will effect anyone who uses the PayPal IPN.

You can read more about it here: https://www.paypal-knowledge.com/resources/sites/PAYPAL/content/live/FAQ/1000/FAQ1766/en_US/2015%20Merchant%20Security%20System%20Upgrade%20Guide%20%28U.S.%20English%29.pdf

https://www.ads-software.com/plugins/give/