Solved

Authorize.net timestamp wrong due to Daylight Savings

Posted on 2012-03-27
4
746 Views
Last Modified: 2012-04-11
I have an e-commerce site that uses Authorize.net SIM Gateway for processing credit cards.  A unique fingerprint is created for each transaction using a timestamp.  When daylight savings changed, it no longer matches authorize.net time stamp.  My host has verified the settings on the server and it still does not work, so I am forced to fix this within the code.

This is the current code that I am using for the timestamp:
<cfset timestamp=DateDiff("s", "January 1 1970 00:00", DateConvert('local2UTC', Now())) >

I have found other scripts, but they are even further off.

The timestamp can be checked by going to the following link:
http://developer.authorize.net/tools/responsecode97

Authorize.net says the following:
The transaction fingerprint depends on a timestamp expressed in POSIX Time, sometimes called UNIX Epoch Time. Simply put, it is the number of seconds since January 1, 1970, at Midnight UTC. If you take the current time in the server’s time zone and convert that to UTC, and then use that to calculate POSIX Time, that may introduce the risk of the time being miscalculated when the server switches from Standard Time to Daylight Savings Time. This will cause transaction fingerprints to fail.

To avoid this, we (authorize.net) recommend the following:

-Take care to use whatever options are available in your scripting language of choice to use POSIX time automatically, instead of trying to convert from local time to POSIX time. Most scripting languages support POSIX timestamps.
-Make sure the Web server is using UTC, not local time.
-The operating systems on Web servers should be kept up to date. Since Daylight Savings Time is defined by law and is subject to change, servers may need to be updated to reflect changes.
-Where possible, Web servers should use the Network Time Protocol (NTP) to keep their clocks synchronized.
0
Comment
Question by:lonnyo
  • 2
4 Comments
 
LVL 36

Expert Comment

by:SidFishes
ID: 37771612
0
 
LVL 52

Expert Comment

by:_agx_
ID: 37771876
> no longer matches authorize.net time stamp

I know you said the host check the settings, but without knowing more it does sounds like something on the server is off. How much is it off by? If it's about an hour, the DST settings on your server may be wrong.  For example, one of my test boxes was not set to DST time, so my timestamp was ~3660 seconds/1hr off from theirs

What are your timezone settings?

<cfoutput>
myTime  #now()#<br>
UTC Time #DateDiff("s", "January 1 1970 00:00", DateConvert('local2UTC', Now()))#<br>
</cfoutput>

<cfdump var="#getTimeZoneInfo()#">
0
 

Author Comment

by:lonnyo
ID: 37772292
Thanks for the quick responses.  I got pulled onto another project, so I will get back to this later today.  Sorry about that.
0
 
LVL 52

Accepted Solution

by:
_agx_ earned 500 total points
ID: 37772511
No problem.  I may get caught with stuff this afternoon, but will try and check back later.

Small correction to the debug code above:

<cfoutput>
myTime  #now()#<br>
UTC Time #DateConvert('local2UTC', Now())#<br>
timestamp #DateDiff("s", "January 1 1970 00:00", DateConvert('local2UTC', Now()))#<br>
</cfoutput>

<cfdump var="#getTimeZoneInfo()#">
0

Featured Post

Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

Join & Write a Comment

Hi, I will be creating today a basic tutorial on how we can create a Mail Custom Function and use it where ever we want. The main advantage about creating a custom function is that we can accommodate a range of arguments to pass to the Function and …
PROBLEM:  How to open a cfwindow or run a function on double click of a cfgrid row. One of my clients wanted to be able to double click on a row item to get more detailed information about a transaction and to be able to modify the line items i…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
This video demonstrates how to create an example email signature rule for a department in a company using CodeTwo Exchange Rules. The signature will be inserted beneath users' latest emails in conversations and will be displayed in users' Sent Items…

759 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now