developer.authorize.net developer.cybersource.com
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a question

CIM: How to validate if credit card is already stored in Customer Payemnt Peofile

Strictly speaking this is a big question!

I create customer profiles of the users who register on my site and I want to prevent them duplicate their profiles by validating

their credit card numbers.


I see 2 ways of doing it but there is a difficulty.

1. Create customer payment profile and see if it duplicating.

But it requests customer profile id which certainly would be new one! I can't create payment profile without customer profile.

 

2. Fetch ALL THE payment profiles.

This way is silly per se! But ok, even if I do so I can only compare 4 last digits of credit card - that is not enough!

 

What should I do?

 

P.S. Yes I read this topic where the goal was just contrary to mine.


dV
Contributor

‎01-13-2012 04:54 PM - edited ‎01-13-2012 04:56 PM

0 Kudos
Reply
5 REPLIES 5

And one more, please REPLACE RICH TEXT WITH SMTH DIFFERENT!!!

It doesn't work in Google Chrome at all and works buggy in FireFox. All browsers are the latest. OS - Ubuntu

dV
Contributor

‎01-13-2012 04:57 PM

0 Kudos
Reply

Rich Text doesn't work on Firefox on my old Mac either. It does work on this Mac, which is still old but at least has a Pentium processor and OS X 10.4. Haven't tested on my PC.

TJPride
Expert
In response to dV

‎01-13-2012 06:15 PM

0 Kudos
Reply

You should store profile ID's whenever a profile is created, to associate it with the user it corresponds to. Short of that, you can just attempt to create a profile each time, which means that sometimes you'll get back a duplicate profile error - but since the duplicate profile error also returns the duplicate profile ID, you can just accept that and move on.

 

If, however, your problem is that you have a bunch of billing profiles with unvalidated credit cards (because perhaps you weren't using validation mode), and you want to validate them now to bring your system up to spec, then just create a script to cycle through all the profiles one at a time (or multiples using fork / threads / whatever...) and run validateCustomerPaymentProfileRequest() a bunch of times. Only one problem - it requires the card code if you're using the CCV security features, and that isn't stored. So you'd need to turn off the CCV temporarily. But I suppose you could run in validationMode = testMode and that would hopefully test the expiration date without generating a transaction fee.

 

Hopefully this helps.

TJPride
Expert

‎01-13-2012 06:24 PM

0 Kudos
Reply

TJPride can you explain how just created payment profile can be duplicated if authorize.net processor matches all the given fields among which I have to pass CustomerProfileId? This CustomerProfileId certainly will be new one, cause I register new person. But BEFORE his registration I want to validate if provided credit card already in use. I want to be sure that this persong previously didn't register with his credit card but using another email (I've got users' unique emails).

 

But ok, I think I know how to do validation. I'll store unique hash of credit card and compare new one with already existing one.

dV
Contributor
In response to TJPride

‎01-16-2012 09:41 AM - edited ‎01-16-2012 09:42 AM

0 Kudos
Reply

The only way to check before attempting to create a profile would be to have the entire card number, which obviously you won't have. I suppose if you're using regular CIM instead of hosted CIM, and the user enters all their information on a single form when they sign up, you could store the last 4 digits of the credit card in your database - those aren't considered a security violation - and use them to sort of match (if the last 4 match as well one or more other key pieces of information, it's probably a match and you can throw an error).

 

The fields used for duplicate checks are:

 

createCustomerProfileRequest

merchantCustomerId, description, email

createCustomerPaymentProfileRequest

customerProfileId, cardNumber, accountNumber, routingNumber, billToFirstName, billToLastName, billToAddress, billToZip

 

createCustomerShippingAddressRequest

customerProfileId, firstName, lastName, address, zip, phoneNumber

 

Note that createCustomerProfileRequest can include all of that information all in one go, in which case I'm not sure if you get a duplicate error if any of the three sets is duped, or only if the first set is duped. If just the first set, then you'll be stuck self-verifying as stated above. I really should experiment with this when I have more time.

TJPride
Expert
In response to dV

‎01-16-2012 02:04 PM

0 Kudos
Reply
Copyright © 2024 Khoros, LLC