diff --git a/includes/commerce_sagepay_common.inc b/includes/commerce_sagepay_common.inc
index 37bcc63..38c932a 100644
--- a/includes/commerce_sagepay_common.inc
+++ b/includes/commerce_sagepay_common.inc
@@ -348,7 +348,7 @@ function commerce_sagepay_process_response($payment_method, $order, $tokens,
       $tds_data['PAReq'] = $tokens['PAReq'];
       $tds_data['ACSURL'] = $tokens['ACSURL'];
       $tds_data['MD'] = $tokens['MD'];
-      $tds_data['TermUrl'] = url('commerce-sagepay/3d_secure_callback/' . $order->order_number, array('absolute' => TRUE));
+      $tds_data['TermUrl'] = url('commerce-sagepay/3d_secure_callback/' . $order->order_id, array('absolute' => TRUE));
       $order->data['extra_authorisation'] = $tds_data;
       $arr_charge = array();
       $order_wrapper = entity_metadata_wrapper('commerce_order', $order);
@@ -580,7 +580,7 @@ function _commerce_sagepay_encrypted_order($settings, $order, $total,
       break;
 
     case SAGEPAY_SERVER:
-      $query['NotificationURL'] = url('commerce-sagepay-server/vps-callback/' . $order->order_number . '/' . $order->data['payment_redirect_key'], array('absolute' => TRUE));
+      $query['NotificationURL'] = url('commerce-sagepay-server/vps-callback/' . $order->order_id . '/' . $order->data['payment_redirect_key'], array('absolute' => TRUE));
 
       $query['TxType'] = $tx_type;
       if (variable_get(SAGEPAY_SETTING_LOW_PROFILE, 1) == 1) {
diff --git a/modules/sagepay_3d_secure/sagepay_3d_secure.module b/modules/sagepay_3d_secure/sagepay_3d_secure.module
index 7d3a228..98f3583 100644
--- a/modules/sagepay_3d_secure/sagepay_3d_secure.module
+++ b/modules/sagepay_3d_secure/sagepay_3d_secure.module
@@ -70,7 +70,7 @@ function sagepay_3d_secure_commerce_checkout_router($order, $checkout_page) {
       $checkout_pages = commerce_checkout_pages();
       $next_step = $checkout_pages['3d_secure']['next_page'];
       commerce_order_status_update($order, 'checkout_' . $next_step);
-      drupal_goto('checkout/' . $order->order_number . '/' . $next_step);
+      drupal_goto('checkout/' . $order->order_id . '/' . $next_step);
     }
   }
 }
@@ -210,16 +210,16 @@ function sagepay_3d_secure_waiting_page() {
 /**
  * Process callback response from merchant server.
  *
- * @param int $order_number
+ * @param int $order_id
  *  The order number being processed.
  */
-function sagepay_3d_secure_callback($order_number) {
+function sagepay_3d_secure_callback($order_id) {
   // If there's no data in the POST, return a page not found.
   if (empty($_POST)) {
     drupal_not_found();
   }
   // Attempt to reload the order.
-  $order = commerce_order_load_by_number($order_number);
+  $order = commerce_order_load($order_id);
 
   // If the order doesn't exist, return a page not found.
   if (!isset($order)) {
@@ -280,10 +280,10 @@ function sagepay_3d_secure_callback($order_number) {
       commerce_checkout_complete($order);
     }
 
-    $redirect = 'checkout/' . $order->order_number . '/' . $next_step;
+    $redirect = 'checkout/' . $order->order_id . '/' . $next_step;
   }
   else {
-    $redirect = 'checkout/' . $order->order_number . '/payment';
+    $redirect = 'checkout/' . $order->order_id . '/payment';
   }
 
   sagepay_3d_secure_clear_iframe($redirect);