Update from Authorize.NET:
Today we’re announcing final phase 2 dates when the gateway will stop populating the MD5 hash value.
Phase 1 Complete
Phase 2 - Stop sending the MD5 Hash data element in the API response. To continue verifying via hash, this will require applications to support the SHA-512 hash via signature key.
Sandbox will be updated on March 7, 2019 to stop populating the MD5 Hash value, the field will still be present but empty.
Production will be updated on March 14, 2019 to stop populating the MD5 Hash value, the field will still be present but empty.
We have updated documentation on our developer center, posted sample code on Github, and will have SDK updates completed by end of February.
Please refer to our support article: MD5 Hash End of Life & Signature Key Replacement for more details and information on this change.
Thank you for your attention to this matter and for being an Authorize.Net merchant.