topic Re: MD5 Hash fails for CIM profile payment method but works for CreditCard payment method in Integration and Testing

MD5 Hash fails for CIM profile payment method but works for CreditCard payment method

mkienenb — Fri, 22 Jan 2016 23:29:45 GMT

I'm finding that the returned MD5 Hash for an authCaptureTransaction createTransactionRequest CIM <profile> payment method doesn't match the expected results, but matches fine for an authCaptureTransaction createTransactionRequest <creditCard> payment method.

The only differences in the requests are that for CIM payment-profile auth-capture transactions the xml generated contains

        <profile>
            <customerProfileId>38164433</customerProfileId>
            <paymentProfile>
                <paymentProfileId>34700736</paymentProfileId>
            </paymentProfile>
        </profile>

while the xml generated for non-CIM contains:

        <payment>
            <creditCard>
                <cardNumber>4012888818888</cardNumber>
                <expirationDate>1/2018</expirationDate>
            </creditCard>
        </payment>

and

       <billTo>
            <firstName>Mike</firstName>
            <lastName>Kienenberger</lastName>
            <address>123 Street</address>
            <city>City</city>
            <state>NY</state>
            <zip>98765</zip>
            <country>US</country>
            <phoneNumber>123-123-4567</phoneNumber>
        </billTo>

Is the MD5 algorithm different for CIM auth-capture transactions than for all other transactions? Or is this just a bug?

Re: MD5 Hash fails for CIM profile payment method but works for CreditCard payment method

Joy — Mon, 25 Jan 2016 21:40:15 GMT

Hi mkienenb,

We can report this to ou internal developers, but that we do not recommend authenticating the transaction using the MD5 hash when using the XML API. It is a better and more reliable option to authenticate the connection via the SSL certificate.

Thanks,

Joy

Re: MD5 Hash fails for CIM profile payment method but works for CreditCard payment method

mkienenb — Mon, 25 Jan 2016 21:45:10 GMT

@Joy wrote:

We can report this to ou internal developers, but that we do not recommend authenticating the transaction using the MD5 hash when using the XML API. It is a better and more reliable option to authenticate the connection via the SSL certificate.

Hi @Joy.

Please report this to your internal developers. My client would prefer to continue authenticating using both the md5 hash and the SSL certificate.