Hello, I am implementing a Card Not Present transactions using the Secure Hosted Payment Form through SIM. According to the example (http://developer.authorize.net/downloads/samplecode - SIM - C#) , I must post to the "...authorize.net/gateway/transact.dll" and I have to use my API Login ID with my generated fingerprint. My question is whether or not there is another way to protect my API Login ID. Sending it to the client browser to initiate the POST seems like a bad idea. Am I being too nervous?
