Reply
Member
Posts: 1
Registered: ‎06-14-2019

Accept.js and Card Code value

We are using the accept.js credit card form to enter credit card data and receive back the nonce. Once we have the nonce, we have 2 possible workflows. One is for using the nonce to submit an immediate payment (what we call a one-time payment in our app). In this scenario, if the user does not enter a value for card code, or if they enter the 901 test value for decline-for-code-mismatch, we get back a transaction declined response from our API call to the createTransactionController. This is, obvisiouly, what we would expect.

 

Workflow #2 is where we use the accept.js form to get the nonce, and then we simply using the nonce to create a new customer profile and customer payment profile. In this scenario, we aren't engaging in any actual payment transaction, but merely creating the profiles for future use. We send the newly-created customer profile and payment profile id values to our billing system so they can use them for automated payments. In this workflow scenario, regardless of what we enter for card code on the accept.js form (or no value at all), we get a nonce and are able to successfully create the profiles. This we would NOT expect. We would expect some kind of rejection due to bad/missing card code.

 

So, the question is: What does accept.js do with the card code value? And what is the actual "status" of a payment profile that's been created in workflow #2 above, with a bad, or non-provided cvv code? Our fear is that when our billing system attempts to use the payment profile for actual monetary transactions, that it will fail that point, which is long after the end user assumesd he/she has successfully entered their payment information, etc.

 

Is there something we aren't doing correctly? Is there a way to "validate" the card code under workflow #2?