Authorize.net Direct Post is a native payment application within Magento’s platform. There are two methods of implementation for Direct Post: Authorize.net AIM (Advanced Integration Method) and DPM (Direct Post Method) API. Both of these payment functions use MD5 hash algorithms to encrypt the data before sending it to authorize.net for transaction processing. As of March 14th, 2019, Authorize.net will no longer support the MD5 hashing algorithm. This means that any merchant currently utilizing this as their payment method for customers will no longer be able to process payments. This could result in lost revenue and downtime for merchants.
In order to continue processing these payments, Magento has provided a solution. Specifically, there are patches which can be applied for both Magento 1.X and Magento 2.X Open Source and Commerce Editions. These patches must be applied within the code base and deployed to the merchant’s production server before March 14th to ensure continuity of service. Additionally, the merchant must generate a signature key within their authorize.net portal, and insert this into the admin configuration.
If any of this sounds technical, its because it is. The solution provided requires having code updated within the platform, ensuring that any previous customizations dependent on the Authorize.net module are not affected by the patch, and ensuring the appropriate configurations and settings within the payment portal are completed and tested properly. Crimson Agility is well versed in this process and has already completed the necessary changes for their clients. If you are concerned your site might be at risk, or need to have this solution implemented, please contact us for Magento support through our contact form or call us directly for assistance.