cancel
Showing results forย 
Search instead forย 
Did you mean:ย 

Encrypted Payload

We have 3 Javascript/HTML UIs that are hitting our Java services. We are currently calling Auth.net's authorize and capture endpoints from the Java services.

Unfortunately we have not had our Azure servers PCI approved... yet. As a stop gap measure our security team suggested we encrypt the payload at the Javascript layer (with our Auth.net client key) and pass the request to our services encrypted and then relay to auth.net. 

Is there an endpoint that supports this? The closest thing I could find was your AcceptJS flow -- from what I understand the Javascript library communicates directly to auth.net, sends back a one time nonce that the services could use to verify the transaction. Is this the only flow available? 

spatterson
Member
1 REPLY 1

Hi @spatterson

 

Yes you can use Accept.js for SAQ A-EP compliance .

 

 

For SAQ eligibility for Authorize.Net Accept solutions when completing self-assessment questionnaires (SAQ), please refer to the Coalfire Authorize.Net Accept SAQ Eligibility Overview or the more detailed SAQ Eligibility White Paper 

 

 

Please check the below link  for more details

 

https://developer.authorize.net/api/reference/features/accept.html 

 

 

Thanks





Send feedback at developer_feedback@authorize.net
Anurag
Moderator Moderator
Moderator