Hi I have been trying to validate CC no., CVV no., EXPDATE of the users credit card for recurring billing in PayFlow. The main objective is to let the user have access to subscription products only if the credit card is valid.
I have been advised to check the card prior to creating the profile you could run a credit card verification ($0 authorization)
So I did it and I got [RESPMSG] => Verified
Here's my request and response messages:
Request
Array
(
[TRXTYPE] => A
[TENDER] => C
[PARTNER] => PayPal
[USER] => XXXXX
[PWD] => XXXXX
[AMT] => 0
[ACCT] => 5105105105105100
[EXPDATE] => 1218
[INVNUM] => PONUM1
[VERBOSITY] => HIGH
[BILLTOZIP] => 95031
)
Response
Array
(
[RESULT] => 0
[PNREF] => A11A8C1A41C0
[RESPMSG] => Verified
[AUTHCODE] => 992PNI
[AVSADDR] => X
[AVSZIP] => X
[HOSTCODE] => A
[PROCAVS] => U
[TRANSTIME] => 2015-11-22 23:30:52
[AMT] => 0.00
[ACCT] => 5100
[EXPDATE] => 1218
[CARDTYPE] => 1
[IAVS] => X
[PREFPSMSG] => No Rules Triggered
[POSTFPSMSG] => No Rules Triggered
)
Now my question is I haven't provided CVV2 and also Any future date as EXPDATE gets verified. Can you please explain how things are working here? Also how can I verify CC, CVV and EXPDATE ?
This is simply creating the profile without any initial payment. As such, it's not going to validate the card at all. Of course, the first payment attempted on the profile would fail.
If you want to check the card prior to creating the profile you could run a credit card verification ($0 authorization).
So run the card verification first, and then only if that is successful you would follow up with a call to create the profile.
Keep in mind that if you're working in the sandbox any credit card expiration and security code will be accepted as long as it's not expired. This is done in the sandbox to make testing quick and easy.
If you would like to force errors in the API response so you can test those cases, take a look at the PayFlow documentation on testing.