Using accept.js with php. For a small number of transactions, the hashes do not match. The transaction ids and amounts all match and the charge goes through on authorize.net. What could this mean?
I'm having the same issue.
In my case I have a webhook set up. Once we receive the request we generate a hash using HMAC-SHA12 and our signature key and then compare the result with the X-ANET header hash sent.
Sometimes it matches, sometimes it does not. This only happens with production credentials, not sandbox. I've even taken the request body, hashed it online with a tool auth.net recommended and it te result matches the one I generated but not the one they sent.
Would there be any configuration that's triggering this?