end of MD5

in Odoo News

Julien Bertrand (jub)

Authorize.Net is phasing out the MD5 based hash use for transaction response verification in favor of the SHA-512 based hash utilizing a Signature Key.

Instead of hashing the transaction key with MD5, it is now required to hash the signature key with SHA-512.

Support for MD5 was stopped March 7 2019 for sandbox environment and will stop on June 28 2019 for production environment.

On February 11, 2019 removed the ability to configure or update MD5 Hash setting in the Merchant Interface. Merchants who had this setting configured have been emailed/contacted.

You can see more information about the change on

What does it mean for you in Odoo?

We supported both methods up to now, now that support ended for MD5, you just have to update the signature key in your settings.

All you need to do is change the signature and transaction key on
To do so, head to your account, then go to the Account tab and click on the API credentials & Keys link. From there, you can generate a new Transaction key and Signature key - This key is 128 characters long and should not be set in Odoo.

After that you must change the transaction key in Odoo with the new one obtained from

Useful links

What is a Signature Key

Signature Key Replacement

Upgrade my transaction fingerprint from MD5 to SHA-512

We hope the change will be seamless for you, thank you for reading. 

Are you ready to take your business to the next level?

We're always ready to help!

Share this post