Hi Ray. From what I understand is that I call an URL with a string containing the order-information to the cc-company and also in a hidden field, a encrypted digest that is being built based on the String and a passphrase that is stored also on the cc-company's server. They to also encrypt the string and compare their result with the value in the hidden field that I have to create.
After the client enters the cc-information and submits his data, the same procedure goes the other way back.
Maybe you can have a look in the attached documentation, chapter "Appendix: SHA"?
Thanks in advance