This means in turn that Authorize.net has to be able to take the
encrypted data, along with some key that's set using a totally separate
process and stored internally on their end, and decrypt it. While there
is a field in the Authorize.net CNP API f...