WorldPay Integration: MD5 Secret for Transactions and Signatures for WordPay security standards

  • Profile Image
    Asked on September 09, 2014 at 09:46 AM

    My ticket also mentioned the a concern about MD5 Secret for Transactions and Signatures, this makes sure that the form is secure to WorldPay standards. 

    Specifically, MD5 Secret for Transactions ensures that the amount to be paid can't be tinkered in the process of it being sent to WorldPay for example.

    What are the chances of this being improved on? My client is an institution and they are very keen to keep to the security requirements specified by their organisation. 

    Thanks in advance!

  • Profile Image
    Answered on September 09, 2014 at 11:57 AM


    I have now forwarded this thread to our developers. The most possible way for now in order to secure your form is to use our SSL feature. You can add this feature to your form direct URL or when you embed it to your website. Please refer to this guide:

    Our developers would update this thread about the requested enhancements. They would decide about it.

    Thank you!

  • Profile Image
    Answered on October 17, 2014 at 04:26 AM


    We have implemented an alternate solution for WorldPay's MD5. 

    The redirection will now be processed directly from the form itself, thereby preventing exposure of the transaction variables. This makes the form more secure as there would be no way for the end-user to tinker with the transaction.

    Kindly check out this new change and let us know what you think.

    Best regards