Transactions Payment Methods Credit Card Card Verification
February 14, 2023 at 10:38 AMCredit Card verification is a security step present in many stores to avoid chargebacks. If the store have this feature enabled and you try to use a credit card without verification you may get the error: 2503 Credit Card is not verified
How does it work
We make a small authorization of a random amount between 0.01 and 0.99 to the given credit card, and the client must be prompted to enter the correct amount immediately in the next step. The client must login in his online banking. Look for one small authorization of a random amount between 0.01 and 0.99 with the store descriptor and then enter the correct amount in a form.
The customer has some limited attempts before the credit card is blocked in our system
Cards already verified do not need to be verified again unless suspicious activity is detected.
When to use
- The 3D Secure is not available or fails, and your store require verified payments
- If the system return error “2503 Credit Card is not verified” after submit a transaction.
Integration
Before integrate the credit card verification check if your store support 3D Secure Payments and implement it, the credit card verification is optional if the 3D Secure is present.
If the 3D Secure fails or is not configured in your store, then check if your store require verified payments.
Use the following query to verify:
query storeInfo {
storeInfo {
requireVerifiedCreditCardPayments
}
}
{
"data": {
"storeInfo": {
"requireVerifiedCreditCardPayments": true
}
}
}
If your store require verified payments then before submit a credit card transaction ensure your client pass the 3DSecure firstly, otherwise, verify if the customer has the credit card verified.
Check if Credit Card is already verified
Use the following mutation to check a credit card before submit the payment.
mutation checkCreditCard($input: CheckCreditCardInput!) {
tools{
creditCardVerification{
check(input: $input)
}
}
}
{
"input": {
"creditCard": {
"number":"4111111111111111",
"cvv": "123",
"expMonth": 12,
"expYear": 2022,
"holder": {
"name": "Harvey Coulter",
"address1": "3383 Richland Avenue",
"city": "Kemah",
"state": "TX",
"zipCode": "77565",
"countryCode": "US"
}
}
}
}
{
"data": {
"tools": {
"creditCardVerification": {
"check": false
}
}
}
}
This mutation returns true or false depending on whether the card is already verified or not.
Proceed to verify the Credit Card
If the credit card is not verified yet must proceed to verify them, in this step you must display a confirmation message to your customers before proceed.
A example message can be something like:
<p>
For card holder security we need verify that you are authorized to
use the card ending in <Bold>4123</Bold>.
</p>
<p>
We will make a small authorization of a random amount between 0.01 and 0.99 to the card
ending in <Bold>4123</Bold>.
</p>
<p>
You will be prompted to enter the correct amount immediately in the next step.
</p>
And below the message a “Continue” button that triggers the following mutation:
mutation authorizeCreditCard($input: AuthorizeCreditCardAmountInput!) {
tools {
creditCardVerification {
authorize(input: $input) {
token
billingDescriptor
cardType
attemptsLeft
}
}
}
}
{
"input": {
"creditCard": {
"number":"4111111111111111",
"cvv": "123",
"expMonth": 12,
"expYear": 2022,
"holder": {
"name": "Harvey Coulter",
"address1": "3383 Richland Avenue",
"city": "Kemah",
"state": "TX",
"zipCode": "77565",
"countryCode": "US"
}
}
}
}
{
"data": {
"tools": {
"creditCardVerification": {
"authorize": {
"token": "9414192a1f308cacf30908a909c08bf5",
"billingDescriptor": "MY STORE",
"cardType": "VISA",
"attemptsLeft": 3
}
}
}
}
}
The above mutation make a small card authorization of a random amount between 0.01 and 0.99 to given credit card.
If the card is not valid or the authorization fails a validation or payment error is returned
If authorization is success the authorize return a token and this token must be used in the following mutation
to complete the verification process.
In the following step must show to the client a form with numeric input to enter the amount, optionally
can show billingDescriptor, cardType or attemptsLeft;
Example:
<p>
To verify you’re an authorized user of the card ending
in <Bold>4123</Bold>,
please login to your online banking. Look for one small authorization of a
random amount between 0.01 and 0.99 with the
descriptor <Bold>{billingDescriptor}</Bold> and enter
the correct amount bellow.
</p>
<form>
<input name="amount" type="number" />
</form>
<p>
You will only have <Bold>{attemptsLeft}</Bold> attempts
to input the correct amount, so entering
random guesses will lead to a lockout of the card.
</p>
And below the form a “Verify” button that triggers the following mutation:
mutation confirmAuthorization($token:String!, $amount: Int!){
tools{
creditCardVerification{
confirmAuthorization(token:$token, amount: $amount){
success
attemptsLeft
}
}
}
}
{
"token": "9414192a1f308cacf30908a909c08bf5",
"amount": 50
}
{
"data": {
"tools": {
"creditCardVerification": {
"confirmAuthorization": {
"success": true,
"attemptsLeft": 3
}
}
}
}
}
In SANDBOX mode the authorized amount is always 50 cents. Note that the amount sent is a integer (50) and not a decimal number. The amount must be a integer between 1..99.
The response contains a success and return true or false depending on whether the card is successfully verified or not.
Once the verification is completed you are ready to submit the transaction with the credit card.