| ||||||||||
Shopping cart software Solutions for online shops and malls | ||||||||||
|
X-Cart Home | FAQ | Forum rules | Calendar | Mark Forums Read | User manuals | Login |
Authorize.net DPM (PA/DSS Compliant) | ||||
|
|
Thread Tools |
#131
|
|||||||||
|
|||||||||
Re: Authorize.net DPM (PA/DSS Compliant)
Quote:
Based upon the FAQ I'm seeing, for example on this web page: https://www.securitymetrics.com/blog/saq-ep-what-and-how It does seem that the SAQ (A-EP) makes sense. I hope that helps! Feel free to email us if you have more questions! thanks, Carrie
__________________
Custom Development, Custom Coding and Pre-built modules for X-cart since 2002! We support X-cart versions 3.x through 5.x! Home of the famous Authorize.net DPM & CIM Modules, Reward Points Module, Point of Sale module, Speed Booster modules and more! Over 200 X-cart Mods available & Thousands of Customizations Since 2002 - bcsengineering.com Please E-Mail us for questions/support! |
|||||||||
#132
|
|||||||||
|
|||||||||
Re: Authorize.net DPM (PA/DSS Compliant)
A word of caution here. The module encrypts the keys entered in admin - all 3 of them. But it does not add anything to the blowfish regeneration process.
So once you setup the module it will encrypt its settings with current blowfish key but if you then regenerate the blowfish key module settings will not be recrypted. Then all attempts to checkout with CC using this module will fail until the settings are re-entered and saved in admin. Carrie you should look into this and revise the module. I had to get creative to get it back working on a client's site today as he did not have all the info saved somewhere else. For anyone else the way I solved it was to modify the bcse decrypt function in the module and pass to it the old blowfish key - which you can get from config.php or the backup of the file. The settings then properly populated in admin and resave encrypts them with the new key. Don't forget after that to undo changes to the bcse decrypt function.
__________________
Steve Stoyanov CFLSystems.com Web Development |
|||||||||
|
#133
|
|||||||||
|
|||||||||
Re: Authorize.net DPM (PA/DSS Compliant)
Yes blowfish reencryption can mess up several things. We usually just don't recommend doing it as it's just a false sense of security updating it. We've seen sites come completely crashing down because of the amount of orders, etc that has to be redone overloading the server, making it crash and making the reencryption process die mid way, so that some things are encrypted with the new key and some with the old, etc.
Carrie
__________________
Custom Development, Custom Coding and Pre-built modules for X-cart since 2002! We support X-cart versions 3.x through 5.x! Home of the famous Authorize.net DPM & CIM Modules, Reward Points Module, Point of Sale module, Speed Booster modules and more! Over 200 X-cart Mods available & Thousands of Customizations Since 2002 - bcsengineering.com Please E-Mail us for questions/support! |
|||||||||
|
|
Thread Tools | |
|
|
|
|||
X-Cart forums © 2001-2020
|