https://community.developer.cybersource.com/t5/Integration-and-Testing/Auth-only-transaction-succeeds-on-expired-credit-card/m-p/90268#M56789 <P>I am having issue finding a good way to verify whether or not Credit Card is expired using Authorize.net payment gateway.</P><P>I used ValidateCustomerPaymentProfileRequest API as documented here -<SPAN>&nbsp;</SPAN><A href="https://developer.authorize.net/api/reference/index.html#customer-profiles-validate-customer-payment-profile" target="_blank" rel="nofollow noopener noreferrer">https://developer.authorize.net/api/reference/index.html#customer-profiles-validate-customer-payment-profile</A><SPAN>&nbsp;</SPAN>and this only validates the existence of payment profile i believe. Does not validate the credit card expiry.</P><P>I tried to do a Auth only transaction using CreateTransactionController as documented here -<SPAN>&nbsp;</SPAN><A href="https://developer.authorize.net/api/reference/index.html#payment-transactions-authorize-a-credit-card" target="_blank" rel="nofollow noopener noreferrer">https://developer.authorize.net/api/reference/index.html#payment-transactions-authorize-a-credit-card</A>. AuthOnly transaction is allowed on a expired credit card as well, the transaction succeeds.</P><P>I also tried using GetCustomerPaymentProfileController as documented here<SPAN>&nbsp;</SPAN><A href="https://developer.authorize.net/api/reference/index.html#customer-profiles-get-customer-payment-profile" target="_blank" rel="nofollow noopener noreferrer">https://developer.authorize.net/api/reference/index.html#customer-profiles-get-customer-payment-profile</A><SPAN>&nbsp;</SPAN>to get the expiration date so i can manually verify but in response i get XXXX, mmdd isnt visible in the response.</P><P>This shouldnt be this complicated. Can someone point me to right direction ? I noticed while testing that expired credit card also succeeds and thats when i started testing with ValidateCustomerPaymentProfileRequest and GetCustomerPaymentProfileController to verify. Even the CreateTransactionController to create Auth only transaction succeeds which leaves me surprised.</P><P>I did file a support case and i was asked to post here</P><P>Here is a snippet of AuthOnly transaction i use</P><P>&nbsp;</P><DIV class=""><DIV class=""><PRE>// Step 2: Create the transaction request for authOnly $transactionRequestType = new AnetAPI\TransactionRequestType(); $transactionRequestType-&gt;setTransactionType("authOnlyTransaction"); $transactionRequestType-&gt;setAmount("0.01"); // Small transaction amount // Associate the payment profile $paymentProfile = new AnetAPI\CustomerProfilePaymentType(); $paymentProfile-&gt;setCustomerProfileId($profile['customer_profile_id']); $paymentProfile-&gt;setPaymentProfile(new AnetAPI\PaymentProfileType()); $paymentProfile-&gt;getPaymentProfile()-&gt;setPaymentProfileId($profile['customer_payment_profile_id']); $transactionRequestType-&gt;setProfile($paymentProfile);</PRE><DIV class="">&nbsp;</DIV></DIV></DIV><P>&nbsp;</P><P>With this code, i would expect that AuthOnly transaction on expired credit card would fail. I see a success response and i see the transaction on the Authorize.net as well.</P> Tue, 17 Sep 2024 17:57:37 GMT rockyr1 2024-09-17T17:57:37Z https://community.developer.cybersource.com/t5/Integration-and-Testing/Auth-only-transaction-succeeds-on-expired-credit-card/m-p/90268#M56789 <P>I am having issue finding a good way to verify whether or not Credit Card is expired using Authorize.net payment gateway.</P><P>I used ValidateCustomerPaymentProfileRequest API as documented here -<SPAN>&nbsp;</SPAN><A href="https://developer.authorize.net/api/reference/index.html#customer-profiles-validate-customer-payment-profile" target="_blank" rel="nofollow noopener noreferrer">https://developer.authorize.net/api/reference/index.html#customer-profiles-validate-customer-payment-profile</A><SPAN>&nbsp;</SPAN>and this only validates the existence of payment profile i believe. Does not validate the credit card expiry.</P><P>I tried to do a Auth only transaction using CreateTransactionController as documented here -<SPAN>&nbsp;</SPAN><A href="https://developer.authorize.net/api/reference/index.html#payment-transactions-authorize-a-credit-card" target="_blank" rel="nofollow noopener noreferrer">https://developer.authorize.net/api/reference/index.html#payment-transactions-authorize-a-credit-card</A>. AuthOnly transaction is allowed on a expired credit card as well, the transaction succeeds.</P><P>I also tried using GetCustomerPaymentProfileController as documented here<SPAN>&nbsp;</SPAN><A href="https://developer.authorize.net/api/reference/index.html#customer-profiles-get-customer-payment-profile" target="_blank" rel="nofollow noopener noreferrer">https://developer.authorize.net/api/reference/index.html#customer-profiles-get-customer-payment-profile</A><SPAN>&nbsp;</SPAN>to get the expiration date so i can manually verify but in response i get XXXX, mmdd isnt visible in the response.</P><P>This shouldnt be this complicated. Can someone point me to right direction ? I noticed while testing that expired credit card also succeeds and thats when i started testing with ValidateCustomerPaymentProfileRequest and GetCustomerPaymentProfileController to verify. Even the CreateTransactionController to create Auth only transaction succeeds which leaves me surprised.</P><P>I did file a support case and i was asked to post here</P><P>Here is a snippet of AuthOnly transaction i use</P><P>&nbsp;</P><DIV class=""><DIV class=""><PRE>// Step 2: Create the transaction request for authOnly $transactionRequestType = new AnetAPI\TransactionRequestType(); $transactionRequestType-&gt;setTransactionType("authOnlyTransaction"); $transactionRequestType-&gt;setAmount("0.01"); // Small transaction amount // Associate the payment profile $paymentProfile = new AnetAPI\CustomerProfilePaymentType(); $paymentProfile-&gt;setCustomerProfileId($profile['customer_profile_id']); $paymentProfile-&gt;setPaymentProfile(new AnetAPI\PaymentProfileType()); $paymentProfile-&gt;getPaymentProfile()-&gt;setPaymentProfileId($profile['customer_payment_profile_id']); $transactionRequestType-&gt;setProfile($paymentProfile);</PRE><DIV class="">&nbsp;</DIV></DIV></DIV><P>&nbsp;</P><P>With this code, i would expect that AuthOnly transaction on expired credit card would fail. I see a success response and i see the transaction on the Authorize.net as well.</P> Tue, 17 Sep 2024 17:57:37 GMT https://community.developer.cybersource.com/t5/Integration-and-Testing/Auth-only-transaction-succeeds-on-expired-credit-card/m-p/90268#M56789 rockyr1 2024-09-17T17:57:37Z