Authorize.Net Technical Updates

Authorize.Net Technical Updates

If you are using as your Payment Gateway, you may have already received (or will receive in the coming days) and email with the subject " Technical Updates".

In that email, outline some changes they are making to their system, relating to PCI Compliancy and service uptime.

As a MemberGate owner, you shouldn't have to do anything to your site relating to these updates, as outlined below:

  • Akamai SureRoute

    What this means is that are changing how they route requests to the Gateway in order to process.

    Rather than submitting the request directly to the system, they are routing them through a Cloud Service called Akamai.

    The reason for doing that is that it creates multiple routes to the Gateway, rather than relying on a single route, so if one of those routes has technical issues, the requests can be re-routed and still reach the gateway, which should improve the uptime of the Gateway.

    Although have created some new URLs which can use the Akamai SureRoute system now, the existing URLs that MemberGate submits requests too, will automatically be updated in June 2016 to take advantage of the new service, so no update should be required to the code.
  • Transaction and Batch IDs

    MemberGate has no dependency on the transaction IDs being sequential.

    We simply store the transaction ID so we can reference the transaction in future if we need to retrieve details about it, but there is no requirement from MemberGate for the IDs to be sequential.

  • RC4 Cipher Disablement

    RC4 is an out-dated method of encryption, and has already been disabled on the servers.

    All communication with is done using up-to-date ciphers.

  • TLS Remediation for PCI DSS Compliancy

    The servers at Hostek have already had the older SSL protocols disabled (SSL 3.0 and TLS 1.0)

    Those methods of communication are NOT secure, as many of you will have read about in the news in the last couple of years, with related attacks such as POODLE and HEARTBLEED etc.

    One of the main reasons for us migrating your sites over to Hostek, was that we could run the sites on updated software, which supported the updated SSL protocols.

    The servers are running on ColdFusion 11, which is the latest version of ColdFusion, and already support TLS 1.2 communication.

    With the older SSL protocols already disabled, the servers will already be communicating with using the latest protocol, so disabling TLS 1.0 (and 1.1) should not impact the functionality of your site.