I noticed that CVV is not required on PaymentAccountCreate and also CVVResponseCode is missing when using the new generated token. How can I perform CVV validation prior creating token (PaymentAccountCreate).
Should I perform a $0 authorization and then create the Token?
Our requirement is that if CVV validation fails, then the transaction should be declined.
Hi David,
PaymentAccountCreate is a stand-alone storage request only. The card number goes through a basic MOD-10 validation check, but there is no card issuer validation being done at that time. So you will never see any AVSResponseCode or CVVResponseCode responses when performing a PaymentAccountCreate.
Assuming that you or your clients intend to process transactions with Vantiv, and if you require card validation prior to creating a token, our recommendation would be to perform a CreditCardAuthorization for $0.00 first. The Address1/Zip Code and CVV information can be included on the request, and if returned by the card issuer, we'll pass back the AVSResponseCode (providing a match/no match/partial match response regarding the Address1 and Zip Code value submitted) and the CVVResponseCode (providing a match/no match response regarding the CVV submitted).
Note, though, that our platform will never approve or decline a transaction based on a match/no match response, and we don't support this type of logic on our platform. It's possible for a $0 Authorization to return a no-match response for both the AVS and CVV information, but still get an approval response on the transaction.
Regardless, if you wish to then tokenize the card used in that $0 Authorization, you can follow up with a PaymentAccountCreateWithTransID submission using the Authorization TransactionID returned. We'll then tokenize the card used in that original Authorization transaction.
My understanding is that if the card is an HSA/FSA card (Health Savings Account/ Flexible Spending Account), that a CreditCardAuthorization for $0.00 will always be denied. So if that is a situation you might encounter, you'll need to do the following (like I do):
Hope this helps!
Hi David,
PaymentAccountCreate is a stand-alone storage request only. The card number goes through a basic MOD-10 validation check, but there is no card issuer validation being done at that time. So you will never see any AVSResponseCode or CVVResponseCode responses when performing a PaymentAccountCreate.
Assuming that you or your clients intend to process transactions with Vantiv, and if you require card validation prior to creating a token, our recommendation would be to perform a CreditCardAuthorization for $0.00 first. The Address1/Zip Code and CVV information can be included on the request, and if returned by the card issuer, we'll pass back the AVSResponseCode (providing a match/no match/partial match response regarding the Address1 and Zip Code value submitted) and the CVVResponseCode (providing a match/no match response regarding the CVV submitted).
Note, though, that our platform will never approve or decline a transaction based on a match/no match response, and we don't support this type of logic on our platform. It's possible for a $0 Authorization to return a no-match response for both the AVS and CVV information, but still get an approval response on the transaction.
Regardless, if you wish to then tokenize the card used in that $0 Authorization, you can follow up with a PaymentAccountCreateWithTransID submission using the Authorization TransactionID returned. We'll then tokenize the card used in that original Authorization transaction.