UPDATED: System Downtime Rescheduled for November 12th

Tonight's previously scheduled downtime has been rescheduled for November 12th.

On Saturday, November 12, 2016, we will be implementing planned payment gateway updates. Beginning at 10:00 PM until 10:30 PM Pacific time, the following services will be intermittently inaccessible:

• New transaction processing ("Authorization Only" and "Authorization and Capture" transactions) on First Data Omaha processor
• Follow-on transactions (voids, refunds and "Prior Authorization Capture" transactions)
• Merchant Interface access, including Virtual Point of Sale (VPOS) access
• The Authorize.Net hosted payment form and Simple Checkout
• CAPTCHA verification
• Customer Information Manager (CIM) API
• Automated Recurring Billing (ARB) API
• Advanced Fraud Detection Suite (AFDS) — transactions will process as if AFDS is not enabled
• Authorize.Net mPOS app transaction processing (Android and iOS)
• Verified Merchant Seal

Though each service will be affected during the updates, no service should be unavailable for the entire 30-minute window. We apologize for any inconvenience this may cause and thank you for your patience as we work to enhance the payment gateway.

UPDATED: System Downtime Postponed

The payment gateway updates previously planned for October 29, 2016, have been postponed. We will communicate the rescheduled date soon. We apologize for any inconvenience this may cause and thank you for your patience as we work to enhance the payment gateway.

June 30th Akamai SureRoute Now Voluntary

JUNE 30TH MIGRATION TO AKAMAI IS NOW VOLUNTARY, BUT REMAINS HIGHLY RECOMMENDED

As communicated over the past nine months, Akamai SureRoute technology has been introduced into our network environment as a new connection option. This technology automatically routes your transaction requests around issues that may occur on the Internet, thus helping to ensure your transactions are received by Authorize.Net, quickly, securely and reliably. Many Authorize.Net customers have already adopted this connection option and are taking advantage of the benefits offered by Akamai SureRoute technology. If you are not yet connecting to Authorize.Net via Akamai, we encourage you to do so.

WHILE WE CONTINUE TO ENCOURAGE ALL CUSTOMERS TO USE AKAMAI SUREROUTE, THE MIGRATION IS NO LONGER MANDATORY BY JUNE 30, 2016. During the course of migration planning, a few of our customers have reported unique implementations or constraints that prevent them from adopting the Akamai enhancement within the timeframe originally planned. As such, we will continue to support both legacy and Akamai SureRoute connection options. You may now migrate to the recommended Akamai URLs at your own pace.

For more information on how to upgrade to Akamai SureRoute, please visit the Authorize.Net website at http://www.authorize.net/support/akamaifaqs/.

Authorize.Net Technical Updates Reminder

Over the next couple of months, we are making several updates to our systems that you need to be aware of. They are all technical in nature and may require the assistance of your web developer or shopping cart/payment solution provider.

Please read this email carefully, and if you need to find a web developer to help you, please check out our Certified Developer Directory at www.authorize.net/cdd.

Akamai SureRoute Reminder

RC4 Cipher Disablement

Transaction and Batch ID Reminder

Failed Batch Settlement Email Error

If your Authorize.Net account uses FDC Omaha for transaction processing, and you received an email last night, April 10th, regarding a failed batch settlement, please disregard that email. It was sent in error. The batches have settled successfully and there should be no delay in funding. We apologize for any confusion this may have caused.

System Downtime Notification

On Saturday, April 9, 2016, we will be implementing planned payment gateway updates. Beginning at 10:00 PM until 10:30 PM Pacific time, the following services will be intermittently inaccessible:

• New transaction processing ("Authorization Only" and "Authorize and Capture" transactions)
• Follow-on transactions (voids, refunds, etc.)
• Merchant and Reseller Interface access
• Virtual Point of Sale (VPOS) access
• Customer Information Manager (CIM)
• Automated Recurring Billing (ARB)

Though each service will be affected during the updates, no service should be unavailable for the entire 30-minute window. We apologize for any inconvenience this may cause and thank you for your patience as we work to enhance the payment gateway.

Reminder to Download Transactions from 2013

Important: On February 25, 2016, all transactions and expired, canceled or terminated ARB subscriptions (and their associated profiles) from 2013 will be permanently archived and no longer accessible in the Merchant Interface.

Authorize.Net retains your transaction history for a minimum of two years, which is accessible through the search feature of the Merchant Interface. As a standard business practice, we highly recommend that you download and save your online transactions on an annual basis. That way the data will be available for your own records, even after it has been archived.

For detailed information on how to search for and download transactions within a specific date range, please see the Download Transaction File Guide at http://www.authorize.net/files/downloadguide.pdf.

Thank you and good luck with business this year.

UPDATE: This release has been delayed. We currently don’t have a new release date, but will update this blog post when one is available.

As previously announced, we are finalizing work that will allow you to use Customer Information Manager (CIM) profiles with our Automated Recurring Billing (ARB) service and vice versa. This means that if you are using both CIM and ARB, you can now use customer profiles for recurring subscriptions as well as one-time payments.

The last stage of this project is being released soon. As part of that release, we are creating customer profiles for your existing ARB subscriptions. Those newly created profiles will be viewable in the CIM section of the Merchant Interface along with any other profiles you've already created.

To view which ARB subscription (if any) a profile is associated with, simply check the Description field of the profile—any associated subscription ID will be viewable there.

You can edit and update the customer profiles with new payment and customer information. Any new information entered on a profile tied to a subscription will be used for the next recurring payment.

Also, please note that if you try to delete a profile that has been created based on an active or suspended ARB subscription, you will receive the error, "The specified customer/payment profile is associated with a subscription and cannot be deleted." However, you will still be able to delete any profiles that are associated with expired, canceled or terminated ARB subscriptions.

As a reminder, Authorize.Net permanently deletes all expired, canceled or terminated ARB subscriptions (and their associated profiles) that are more than two years old.

Additional API Enhancements
Along with the changes above, we will be updating the following three API calls:

• ARBCreateSubscriptionRequest will be able to accept Customer Profile IDs to populate the customer and payment information.
• ARBUpdateSubscriptionRequest will also be able to accept Customer Profile IDs.
• CreateProfileFromTransactionRequest will allow updates to the customer information, if it is missing from the original transaction.

System Downtime Notification

On Saturday, October 10, 2015, we will be implementing planned payment gateway updates. Beginning at 10:30 PM until 11:00 PM Pacific time, the following services will be inaccessible:

• New transaction processing ("Authorization Only" and "Authorize and Capture" transactions)
• Follow-on transactions (voids, refunds, etc.)
• Merchant and Reseller Interface access
• Virtual Point of Sale (VPOS) access
• Customer Information Manager (CIM)
• Automated Recurring Billing (ARB)

Though each service will be affected during the updates, no service should be unavailable for the entire 30-minute window. We apologize for any inconvenience this may cause and thank you for your patience as we work to enhance the payment gateway.

Important Authorize.Net Technical Updates

Over the next few months, there are several updates and enhancements we are making to our systems that you need to be aware of. They are all technical in nature and may require the assistance of your web developer or shopping cart/payment solution provider.

Please read this notice carefully, and if you need to find a developer to help you, please check out our Certified Developer Directory at www.authorize.net/cdd.

Security Certificate Upgrades to api.authorize.net

As part of our continuous upgrades to enhance system performance and security, on September 21, 2015, we are upgrading api.authorize.net to new security certificates, which are signed using Security Hash Algorithm 2 (SHA-2) and 2048-bit signatures.

These upgrades were already completed on secure.authorize.net in May. If your website or payment solution connects to api.authorize.net and any updates are necessary to use the new certificates, please refer to this blog post in our Developer Community, which has all of the certificate information you and your developer will need for this update. Our sandbox environment has already been updated so that you can validate that your solution will continue to work using SHA-2 signed certificates, prior to September 21st.

After the update is complete on September 21st, any website or payment solution that connects via api.authorize.net that cannot validate SHA-2 signed certificates will fail to connect to Authorize.Net's servers.

TLS Remediation for PCI DSS Compliance

As you may already be aware, new PCI DSS requirements state that all payment systems must disable TLS 1.0 by June 30, 2016. To ensure that we are compliant ahead of that date, we will be disabling TLS 1.0 first in the sandbox environment and then in our production environments. Both dates are still to be determined, but please make sure your solutions are prepared for this change as soon as possible.

For more information, including updates to the dates we anticipate disabling TLS in each environment, please refer to our previous blog post. We will also send another email about TLS once we have a final date in place.

Akamai Reminder

Last, but not least, we previously announced our Akamai implementation plan and timelines. Using Akamai's technology will provide Authorize.Net a superior level of reliability, as it helps safeguard against interruptions caused by issues beyond our direct control, such as Internet congestion, fiber cable cuts and other similar issues.

If you have not already, please review the announcement and the Akamai FAQs to determine what action you should take for your particular solution.

Updated: Authorize.Net Email Receipt Changes

Update: The new emails outlined below will start on August 17th now.

Original Announcement:
This notice is to let you know of changes we are making to improve the Authorize.Net-generated email receipt that is sent to you and your customers after a purchase. These changes will provide better receipt content and help increase email deliverability.

The new emails will start on August 11, 2015. No action on your part is required.

To determine whether you have opted to send email receipts, click Account, then Settings, then Email Receipt under the Transaction Format Settings section. Review the Enable Email Confirmation section to see if you have elected to send any email receipts. If you have, these changes will apply to you.

"From" Email Address Changing

A list of changes is below, however, the biggest change to be aware of is that the email address listed in the "From" field of the receipt email will no longer be your email address. Instead, the "From" field will now display "noreply@mail.authorize.net" as the sending email address. This change will also apply to ARB summary and settlement-related emails.

If a customer replies to the email receipt, the email address that will populate in the "To" field will still be the email address that you currently have configured as the Email Sender in the Merchant Interface.

To review the current email address configured as the Email Sender, follow these steps:

1. Click Account from the main toolbar.
2. Click User Administration from the main menu on the left.
3. Click a user's name.
4. Click Edit Profile Information.
5. In the Specify Email Sender section, check to see if the checkbox next to Use this email address as sender is checked.

Click here for further information on reviewing or updating the email address currently configured as the Email Sender on your account.

Additional Improvements

The other email receipt changes that you will see as of August 11th are as follows:

Your Email Receipt

• Masked card number and last 4 digits will be viewable in the Payment Method section.
  Example: Visa xxxx1234
• Line item details will now be on your email receipt.

Your Customer's Email Receipt

• Subject line will display in this format: "Transaction receipt from [merchant name] for [X.XX] [(Currency code)]"
  Example: Transaction receipt from Merchant for 500.00 (USD)
• "Thank you for your order" will be removed from the receipt.
• Description field: If no description has been provided, "Goods or Services" will display by default.
• Amount format change: Transaction amount will display as [X.XX] [(Currency code)]
  Example: 500.00 (USD)
• Payment Information section updated to include:
  • Payment Method/Masked Card Number
  • Transaction Type
  • Authorization Code
• New Merchant Contact Information section added, which will include:
  • Your Name
  • Your City, State and Country
  • Your Email Address

These changes will provide more information to your customers and provide a better overall purchasing experience.

Important Authorize.Net Networking Change

At Authorize.Net, the reliability of our platform is our first priority. Your business depends on our services, and we understand how important that is. To that end, we are implementing a new networking solution that will provide you with a superior level of processing reliability.

Please read this announcement thoroughly.

Akamai Network Technology

Over the coming months, Authorize.Net will be upgrading access to the Internet connections that serve our data centers. Instead of allowing direct connections, all Internet traffic will be routed through Akamai, a third-party cloud network service that routes and delivers Internet traffic.

Using Akamai network technology will help decrease latency and improve the reliability of our payment gateway. It will also help safeguard against interruptions caused by issues beyond Authorize.Net's direct control, such as Internet congestion, fiber cable cuts and other similar issues. Additionally, come October, merchants connected to Akamai should no longer be affected by planned downtimes.

Implementation Plan And Timeline

We are implementing Akamai's technology into our network in two phases.

• Phase One (Now through June 2016) — We have created three new URLs for transaction processing that are hosted by Akamai. You can update your website or payment solution to point to the new transaction URLs today, which will provide you with the immediate benefits detailed above. Come October, you should no longer be affected by planned downtimes.
• Phase Two (June 2016) — We will automatically direct all of our existing transaction processing URLs to connect through Akamai in June of 2016. After this change, all transaction URLs will connect to Authorize.Net through Akamai.

IMPORTANT: To take advantage of the uptime benefits Akamai offers, we recommend you proactively update your website or payment solution during Phase One rather than waiting to be automatically updated during Phase Two.

Updating Your Solution

The new Akamai transaction URLs that are available now are:

• https://api2.authorize.net/xml/v1/request.api
• https://api2.authorize.net/soap/v1/Service.asmx
• https://secure2.authorize.net/gateway/transact.dll

Please contact your web developer or solution provider for assistance in updating to one of these new Akamai URLs.

Firewall And IP Address Considerations

If you do not use a firewall or do not connect directly via an IP address, then you can disregard this section. If you are unsure, please contact your web developer or solution provider. Click here if you need help finding a developer.

Using Akamai technology, Authorize.Net's IP addresses will become dynamic rather than static. If your website or payment solution uses a firewall that has whitelisted Authorize.Net's IP address or connects to Authorize.Net directly via an IP address, you will need to make additional changes.

• Firewall Considerations — If your solution uses a firewall to filter outbound connections, make sure that the firewall is set to permit outbound traffic to flow to the Akamai cloud by configuring your outbound firewall to "ANY."
  If you do not update your firewall ahead of June 2016, you will be unable to process transactions after Phase Two is implemented.
• IP Address Considerations — If your solution connects to Authorize.Net directly via an IP address, you will need to update it to connect by domain name. Continuing to connect directly via an IP address is strongly discouraged as you will not receive the benefits of routing through Akamai, and you could suffer a loss of service if transactions are re-routed among our various data centers.

Akamai is available for testing now in our sandbox environment. We strongly encourage you to test your solution prior to making any production change to ensure that you will not experience any disruptions to your transaction processing.

Questions?

If you have any questions about the Akamai upgrade, please refer to our Akamai FAQs or submit an eTicket by clicking Contact Us from the upper right corner of any page.

Batch Upload Downtime Notification

On Monday, July 27, 2015, the Batch Upload feature will be unavailable due to maintenance from 4:00 PM to midnight Pacific time. During the maintenance window, the Batch Upload link will not be viewable and any Batch Upload page will display a temporarily out of service message.

We apologize for any inconvenience this may cause and thank you for your patience.

Offer Visa Checkout with Your Authorize.Net Account

Since its launch, Visa Checkout has generated tons of great feedback, while simplifying the payments process for consumers. Today, we're excited to announce that Authorize.Net merchants can now offer Visa Checkout as a payment type for their customers.

Visa Checkout is a free feature of your payment gateway account. Sign up today by following the instructions provided in the Digital Payment Solutions section of the Merchant Interface.

Note: To offer Visa Checkout, some development work may be required. Please contact your developer or shopping cart provider for assistance. If you connect via a shopping cart, you will need to confirm that it supports Visa Checkout as a payment type.

Benefits of Visa Checkout

• Increased Convenience — Visa Checkout saves time and helps reduce shopping cart abandonment by providing a quick and easy checkout process for customers to pay with their account login credentials, rather than entering full payment data.
• Expanded Customer Reach — Grow your business with access to the expanding Visa Checkout user base.
• Centralized Management — Visa Checkout is fully integrated with the Authorize.Net platform, allowing you to search, view and report on all of your transactions through a single account.

Sign Up Today!

For more information on Visa Checkout, please visit our product page. You can also find the API guides you will need for updating your solution at http://developer.authorize.net/api/visacheckout.

System Downtime Notification

On Friday, June 19, 2015, we will be implementing planned payment gateway updates. Beginning at 9:00 PM until 9:30 PM Pacific time, the following services will be inaccessible:

• Transaction processing, including follow-on transactions (voids, refunds, etc.)
• Merchant Interface access
• Virtual Point of Sale (VPOS) access
• Customer Information Manager (CIM)
• Automated Recurring Billing (ARB)

Though each service will be affected during the updates, no service will be unavailable for the entire 30-minute window. We apologize for any inconvenience this may cause and thank you for your patience as we work to enhance the payment gateway.

Important: Security Certificate Upgrades on May 26th

Authorize.Net is upgrading our infrastructure to enhance system performance and security. On May 26, 2015, we are upgrading to new security certificates, which are signed using Security Hash Algorithm 2 (SHA-2) and 2048-bit signatures. Most modern operating systems and web servers support certificates that use SHA-2, however, there is a concern that older software—especially software based on outdated versions of Java—may not.

Please contact your web developer or solution provider as soon as possible to find out if your website or payment solution will support the new security certificates.

If any updates are necessary, please refer your web developer to this blog post in our Developer Community, which has all of the certificate information they will need for this update. Our sandbox environment has already been updated so that your developer can validate that your solution will continue to work using SHA-2 signed certificates, prior to May 26th.

After the update is complete on May 26th, any website or payment solution that cannot validate SHA-2 signed certificates will fail to connect to Authorize.Net's servers.

New Date for System Downtime and ARB Inactive Subscription Purge

The system downtime we previously announced for March 21st did not occur as planned. The new date is Saturday, April 18th, 2015. Beginning at 10:30 PM Pacific time, there will be up to a 30 minute period of time in which the payment gateway, Merchant Interface and all other system functionality will be inaccessible, including transaction processing.

Also, please remember that as part of the downtime on April 18th, we will be purging data for any Automated Recurring Billing (ARB) subscription that is expired, cancelled or terminated from 2012 and older.

If you would like to get a list of your inactive subscriptions prior to the purge, please have your developer or solution provider refer to the ARBGetSubscriptionListRequest section of our ARB API Guide or our API Reference Guide.

After April 18th, your ARB subscription reports may show a lower number of expired, cancelled and terminated subscriptions, as only data from January 1, 2013, to the current date will be displayed. All ARB subscriptions that are active or suspended, regardless of their date, will remain viewable in the Merchant Interface.

We apologize for any inconvenience the date change may cause and thank you for your patience as we work to enhance the payment gateway.

New Authorize.Net Status Page

We are pleased to introduce a new Authorize.Net system status page available at https://status.authorize.net. The new status page will provide the current status of the following six Authorize.Net services:

• Transaction Processing
• Merchant Interface
• Settlement
• Advanced Fraud Detection Suite (AFDS)
• Automated Recurring Billing (ARB)
• Customer Information Manager (CIM)

In the event a significant issue is identified with any of these services, an incident will be posted to the status page along with the most current information available. We will post status updates on each incident and a notification when the issue has been resolved.

We are pleased to make this status page available and encourage you to bookmark it for your reference.

System Downtime and ARB Inactive Subscription Purge Notifications

System Downtime Notification
On Saturday, March 21, 2015, we will be implementing planned payment gateway updates. Beginning at 10:30 PM Pacific time, there will be up to a 15 minute period of time in which the payment gateway, Merchant Interface and all other system functionality will be inaccessible, including transaction processing.

We apologize for any inconvenience this may cause and thank you for your patience as we work to enhance the payment gateway.

ARB Inactive Subscription Purge Notification
As part of the downtime on March 21st, we will also be purging data for any Automated Recurring Billing (ARB) subscription that is expired, cancelled or terminated from 2012 and older.

If you would like to get a list of your inactive subscriptions prior to the purge, please have your developer or solution provider refer to the ARBGetSubscriptionListRequest section of our ARB API Guide or our API Reference Guide.

After March 21st, your ARB subscription reports may show a lower number of expired, cancelled and terminated subscriptions, as only data from January 1, 2013, to the current date will be displayed. All ARB subscriptions that are active or suspended, regardless of their date, will remain viewable in the Merchant Interface.

Expanded 24x7 Support Hours

We are pleased to announce that our Customer Support department is now available by phone 24 hours a day, 7 days a week.

We realize that sometimes you need to reach Authorize.Net outside regular business hours, and we hope that our new, expanded availability will provide another benefit to your payment gateway account.

For your convenience, you can also contact Customer Support by eTicket and chat, available Monday — Friday 5:00 AM to 5:00 PM and Saturday 7:00 AM to 3:30 PM Pacific time (closed major holidays).

For detailed information on how to search for and download transactions within a specific date range, please see the Download Transaction File Guide at http://www.authorize.net/files/downloadguide.pdf.

Thank you and good luck with business this year.