cancel
Showing results for 
Search instead for 
Did you mean: 

MD5 Hash fails for CIM profile payment method but works for CreditCard payment method

I'm finding that the returned MD5 Hash for an authCaptureTransaction createTransactionRequest CIM <profile> payment method doesn't match the expected results, but matches fine for an authCaptureTransaction createTransactionRequest <creditCard> payment method.

 

The only differences in the requests are that for CIM payment-profile auth-capture transactions the xml generated contains

 

 

        <profile>
            <customerProfileId>38164433</customerProfileId>
            <paymentProfile>
                <paymentProfileId>34700736</paymentProfileId>
            </paymentProfile>
        </profile>

 

while the xml generated for non-CIM contains:

        <payment>
            <creditCard>
                <cardNumber>4012888818888</cardNumber>
                <expirationDate>1/2018</expirationDate>
            </creditCard>
        </payment>

and

       <billTo>
            <firstName>Mike</firstName>
            <lastName>Kienenberger</lastName>
            <address>123 Street</address>
            <city>City</city>
            <state>NY</state>
            <zip>98765</zip>
            <country>US</country>
            <phoneNumber>123-123-4567</phoneNumber>
        </billTo>

 

 Is the MD5 algorithm different for CIM auth-capture transactions than for all other transactions?  Or is this just a bug?

 

 

 

mkienenb
Contributor
2 REPLIES 2

 

Hi mkienenb,

 

We can report this to ou internal developers, but that we do not recommend authenticating the transaction using the MD5 hash when using the XML API. It is a better and more reliable option to authenticate the connection via the SSL certificate.

 

Thanks,

Joy

Joy
Administrator Administrator
Administrator

@Joy wrote:

 

We can report this to ou internal developers, but that we do not recommend authenticating the transaction using the MD5 hash when using the XML API. It is a better and more reliable option to authenticate the connection via the SSL certificate.

Hi @Joy.

 

Please report this to your internal developers.  My client would prefer to continue authenticating using both the md5 hash and the SSL certificate.