Due to recent security enhancements made by Yahoo, there is a mandatory code change needed in Stone Edge in order to continue to process payments via the Yahoo Payment API. For Yahoo users who do not use the Payment API, there is no further action required.
This change is discussed in detail here: https://help.smallbusiness.yahoo.net/s/article/SLN19413
Who is Effected
All Yahoo Stores who use the Yahoo Payment API to process payments in the Stone Edge Order Manager.
For Merchants Using The Stone Edge Order Manager Version 5.9x to 7.048
There are multiple options to obtain the fix:
Option 1 (preferred): Upgrade to version 7.049 or higher, including the current beta release (but not 7.1x or 7.5x)
Option 2: For merchants who may have difficulty upgrading to do heavy customizations you can manually apply the code change below. The code change must be made on ALL PC’s running Stone Edge Order Manager.
Steps for Updating the Code Manually
- With Stone Edge open hit Control-G to open the VBA code. Then click anywhere in the code.
- Hit Control-F to open the Find window
- Copy and paste the following text into the Find What text box:
- Select “Current Project” under Search and then click Find Next.
- Once the line of code is found close out of the Find window. On the line with the highlighted text place a single quote in front of it. This will comment out the line of code and turn the text green.
- Under the line you just commented out, copy and paste the text below:
URL = “payment.store.ysbapis.io/V1/order” & IIf(DoBulk, “list”, “”) & “/transactionlist”
- At the top of the screen go to Debug>Compile SEOM.
- Go to File>Save SEORDMAN
- Once complete go to File>Close and Return to Microsoft Access.
For Merchants Using The Stone Edge Order Manager Version 7.1x or 7.5x
You must install The Stone Edge Order Manager Version 7.050 or upgrade to the current beta release. While these versions are not PA-DSS certified they do give you the option to run the software in PCI Mode. PCI Mode is a setting that allows you to operate in a way that is compliant with the PCI Data Security Standards, by not storing credit card numbers and encrypting any potentially sensitive data.