Announcement

**Maxer** · 06-29-10, 12:58 PM

Re: PCI-DSS Compliance RE: Stone Edge, Hostasurus & Miva 5.5

Originally posted by Rick Wilson View Post

Go under Global Settings, Domain Settings and PA-DSS Checklist and work through your red lights until they're all green.

We are all green now!!

I am getting this error:

Miva Merchant Notification Server is temporarily unavailable

**Datagg** · 06-29-10, 01:18 PM

Re: PCI-DSS Compliance RE: Stone Edge, Hostasurus & Miva 5.5

Originally posted by Maxer View Post

We are all green now!!

I am getting this error:

Yes me green now too Max..... woohoo..... High 5

As for that message, we all are getting that. It means that the server center is temporarily down. They probably doing some update or something. It being down wont effect us in any way.

**Maxer** · 06-29-10, 01:20 PM

Re: PCI-DSS Compliance RE: Stone Edge, Hostasurus & Miva 5.5

Originally posted by Datagg View Post

Yes we all green now.. woohoo.....

As for that message, we all are getting that. It means that the server center is temporarily down. They probably doing some update or something. It being down wont effect us in any way.

Roger that- Just wanted to report it in case there might have been a larger issue.

**Rick Wilson** · 06-29-10, 01:28 PM

Re: PCI-DSS Compliance RE: Stone Edge, Hostasurus & Miva 5.5

As for that message, we all are getting that. It means that the server center is temporarily down. They probably doing some update or something. It being down wont effect us in any way.

Normally it does mean that, but it's actually a bug that was exposed in 5.07, so it'll get fixed with Bugfix-3 released next Tuesday the 6th.

**Datagg** · 06-29-10, 01:52 PM

Re: PCI-DSS Compliance RE: Stone Edge, Hostasurus & Miva 5.5

Originally posted by Rick Wilson View Post

Normally it does mean that, but it's actually a bug that was exposed in 5.07, so it'll get fixed with Bugfix-3 released next Tuesday the 6th.

Ahh ok, thank you Sir Rick....

**Maxer** · 06-29-10, 02:15 PM

Re: PCI-DSS Compliance RE: Stone Edge, Hostasurus & Miva 5.5

Originally posted by Rick Wilson View Post

Normally it does mean that, but it's actually a bug that was exposed in 5.07, so it'll get fixed with Bugfix-3 released next Tuesday the 6th.

Roger that!

I sent you the following email today and wanted to post it here as well:

Rick,

I wanted to take a moment to personally thank you for the way in which you have handled this PCI-DSS compliance issue. While others have given me excuses, imprecise, confusing and/or incorrect answers, by contrast you all at Miva have risen to the challenge.

Not only have you made an important deadline but your PA-DSS self-checker and accompanying PIG (Product Implementation Guide) show a model of professionalism and how much you really care about your customers. The PIG is clear, concise and easy for the layperson to understand, taking a great deal of the mystery out PCI-DSS compliance and Miva. The graphic on firewalls quickly resolved a four day communication problem between me and my host. Its visual simplicity was the communication bridge between �technical nomenclature� and �lay-speak�.

As a person who harbors a general disdain for the software/graphic/web industry�s often lack of accountability, you at Miva are a beacon of light. May others in the industry follow your example. As business people may we demand so...

Over seven years ago we made the decision to use your shopping cart for the long haul. I feel wholeheartedly that we made the right decision and I am proud to support a company that still believes in old fashion accountability and hard work.

Lee "MAX" Sutherburg President/Product Design
Maxair Engineering� llc Motorcycle Accessories
�The Product of Performance!!�

**Datagg** · 06-29-10, 02:20 PM

Re: PCI-DSS Compliance RE: Stone Edge, Hostasurus & Miva 5.5

Originally posted by Maxer View Post

Roger that!

I sent you the following email today and wanted to post it here as well:

Ill second that.... Rick on this situation and so many more... From weekend PM's, to helping everyone here. Miva, AkA Sir Rick and team are fantastic.

I got 2 stores of mine ill be bringing to Miva land real soon, as that cart company could give 2 craps about anyone let alone compliance issues. Girlfriends lingerie has been with Miva since 1999 and I've never regretted that decision.

Miva rocks.... hands down.

**Maxer** · 06-29-10, 02:47 PM

Re: PCI-DSS Compliance RE: Stone Edge, Hostasurus & Miva 5.5

I am having a couple of issues with PR7

1) I no longer get credit card info when downloading into Stone Edge order manager. I have an ongoing support ticket with Stone Edge on this.

2) When I run Authorise.net in "test mode" I get the following error: Unable to authorize payment: MD5 Hash mismatch. Please contact the store administrator if you continue to experience this problem. No such error in regular mode.

**Rick Wilson** · 06-29-10, 03:01 PM

Re: PCI-DSS Compliance RE: Stone Edge, Hostasurus & Miva 5.5

Do you have something in the MD5 Hash field when in test mode?

**Maxer** · 06-29-10, 03:06 PM

Re: PCI-DSS Compliance RE: Stone Edge, Hostasurus & Miva 5.5

Originally posted by Rick Wilson View Post

Do you have something in the MD5 Hash field when in test mode?

Yes, nothing changes there. Never had a problem with test mode before.

**Rick Wilson** · 06-29-10, 03:08 PM

Re: PCI-DSS Compliance RE: Stone Edge, Hostasurus & Miva 5.5

If I recall correctly it's because that MD5 field was actually broken before and not doing anything. Now it's working and trying to pass it to test mode which won't understand it. Or at least that's my best guess.

**Maxer** · 06-29-10, 03:11 PM

Re: PCI-DSS Compliance RE: Stone Edge, Hostasurus & Miva 5.5

Originally posted by Rick Wilson View Post

If I recall correctly it's because that MD5 field was actually broken before and not doing anything. Now it's working and trying to pass it to test mode which won't understand it. Or at least that's my best guess.

So the Md5 security code has never worked?
Should the field be empty during test mode?

Thanks

**Datagg** · 06-29-10, 03:19 PM

Re: PCI-DSS Compliance RE: Stone Edge, Hostasurus & Miva 5.5

Originally posted by Maxer View Post

So the Md5 security code has never worked?
Should the field be empty during test mode?

Thanks

Max we never used the Hash code. We were told back in the day that wasn't needed by Authorizenet themselves.

We do live "True order tests" and using test mode at times and that field has always been empty.

Here Max is a bit of facts on that over at authorizenet.

What is the MD5 Hash security feature and how am I supposed to use it?
The MD5 Hash is an optional security feature and can be used on the merchant side to verify that a transaction response was actually sent by Authorize.Net. This feature is intended to be used when a relay response is configured for SIM, and is not necessary for use with AIM.

To effectively use this feature, you will need to provide a MD5 input value in the Merchant Interface, develop a process to generate your own hash, and determine if that value matches the hash provided in the transaction response.

**Maxer** · 06-29-10, 03:23 PM

Re: PCI-DSS Compliance RE: Stone Edge, Hostasurus & Miva 5.5

Originally posted by Datagg View Post

Max we never used the Hash code. We were told back in the day that wasn't needed by Authorizenet themselves.

We do live "True order tests" and using test mode at times and that field has always been empty.

Strange. They were the ones who told me to use it many moons ago.....

**Datagg** · 06-29-10, 03:25 PM

Re: PCI-DSS Compliance RE: Stone Edge, Hostasurus & Miva 5.5

Originally posted by Maxer View Post

Strange. They were the ones who told me to use it many moons ago.....

I added some more to my above post.. sorry it was late. The reason we were told not to use it is it causes to many legit orders to get flagged. Anyways, we never used it since that point and all has been golden.

Announcement

PCI-DSS Compliance RE: Stone Edge, Hostasurus & Miva 5.5

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment