cancel
Showing results for 
Search instead for 
Did you mean: 

Detecting FDS Pending Review on Auth Transaction

I'm using the PHP SDK for authorizing a credit card https://developer.authorize.net/api/reference/index.html#payment-transactions-authorize-a-credit-car...

 

My question is how do I detect that FDS Pending Review process was triggered? From what I can tell this returns a succesfull auth and transactionid even though the transcation is flagged for review.

 

Secondly are there docs explaining how to test this in sandbox environment.

 

Thanks,

Dustin

oldbute
Member
1 REPLY 1

Hi oldbute

 

You can find the values to trigger AVS and CVV specific response codes within our Testing Guide, found at: https://developer.authorize.net/hello_world/testing_guide/

 

You will need to configure your AFDS settings in the Merchant Interface to Auth and Hold for Review or Report, as needed before using these trigger values. 

 

We also have a summary of Fraud Management found here: https://developer.authorize.net/api/reference/features/payment_transactions.html

 

The response code, response reason code and response text returned in the transaction response will vary depending on the desired filter action specified within the Merchant Interface. 

 

The possible responses are (in their respective locations of the response, which is now how you will find them displayed below): 

 

 

  • The transaction was submitted from a blocked IP address: 

<responseCode>2</responseCode>

<message> <code>250</code> <description>This transaction has been declined.</description> </message>

 

 

  • The transaction was declined as a result of triggering a Fraud Detection Suite Filter: 

<responseCode>2</responseCode>

<message> <code>251</code> <description>This transaction has been declined.</description> </message>

 

or

 

<responseCode>3</responseCode>

<message> <code>251</code> <description>This transaction has been declined.</description> </message>

 

or

 

<responseCode>2</responseCode>

<message> <code>27</code> <description>This transaction has been declined.</description> </message>

*Response depends on what filter is triggered. Response Code 27 would indicate a transaction was submitted for authorization but declined due to AVS/CVV response returned and 251 would indicate that another AFDS filter was triggered based on the transaction submitted. 

 

 

  • The transaction was accepted, but is being held for merchant review. The merchant can customize the customer response in the Merchant Interface: 

<responseCode>4</responseCode>

<message> <code>252</code> <description>Your order has been received. Thank you for your business!</description> </message>

 

 

  • The transaction was accepted and was authorized, but is being held for merchant review. The merchant can customize the customer response in the Merchant Interface: 

<responseCode>4</responseCode>

<message> <code>253</code> <description>Your order has been received. Thank you for your business!</description> </message>

 

 

  • The transaction was declined after manual review. This would occur if you were to use the Fraud Management option to call the status of Auth and Held transactions after they had been taken action on (approved or declined): 

<responseCode>2</responseCode>

<message> <code>254</code> <description>This transaction has been declined.</description> </message>

 

 

For example, here is a response of an AVS response of "N" where "N" is set to decline within AFDS settings: 

<?xml version="1.0" encoding="utf-8"?> <createTransactionResponse xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="AnetApi/xml/v1/schema/AnetApiSchema.xsd"> <refId>123456</refId> <messages> <resultCode>Ok</resultCode> <message> <code>I00001</code> <text>Successful.</text> </message> </messages> <transactionResponse> <responseCode>2</responseCode> <authCode>3FBDUC</authCode> <avsResultCode>N</avsResultCode> <cvvResultCode>P</cvvResultCode> <cavvResultCode>2</cavvResultCode> <transId>40038205381</transId> <refTransID>40038205381</refTransID> <transHash /> <testRequest>0</testRequest> <accountNumber>XXXX0015</accountNumber> <accountType>MasterCard</accountType> <errors> <error> <errorCode>27</errorCode> <errorText>The transaction has been declined because of an AVS mismatch. The address provided does not match billing address of cardholder.</errorText> </error> </errors> <userFields> <userField> <name>MerchantDefinedFieldName1</name> <value>MerchantDefinedFieldValue1</value> </userField> <userField> <name>favorite_color</name> <value>blue</value> </userField> </userFields> <transHashSha2>26186D0E83ED27FBA1E258E065E0AD11695630C6D1F768A018062BDC7D618301F7EF1C9B38CEA85CFF52DE20D9AE54717D92D1CCD77E0C2F7A9EFDE71FECA29C</transHashSha2> </transactionResponse> </createTransactionResponse>

 

And here is the response returned when “N” is set to Auth and Hold for Review:

<?xml version="1.0" encoding="utf-8"?> <createTransactionResponse xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="AnetApi/xml/v1/schema/AnetApiSchema.xsd"> <refId>123456</refId> <messages> <resultCode>Ok</resultCode> <message> <code>I00001</code> <text>Successful.</text> </message> </messages> <transactionResponse> <responseCode>4</responseCode> <authCode>K4FD0O</authCode> <avsResultCode>N</avsResultCode> <cvvResultCode>P</cvvResultCode> <cavvResultCode>2</cavvResultCode> <transId>40038205280</transId> <refTransID /> <transHash /> <testRequest>0</testRequest> <accountNumber>XXXX0015</accountNumber> <accountType>MasterCard</accountType> <messages> <message> <code>253</code> <description>Your order has been received. Thank you for your business!</description> </message> </messages> <userFields> <userField> <name>MerchantDefinedFieldName1</name> <value>MerchantDefinedFieldValue1</value> </userField> <userField> <name>favorite_color</name> <value>blue</value> </userField> </userFields> <transHashSha2>CC2268F4AD1EEB121F46A5D5712FB39887894E69495CB0C3CA75237D9041922FB37E1A4F869F94A7BE9790D3B025E6B9FC7424FC7FED7593A37F4AD75CBE028A</transHashSha2> </transactionResponse> </createTransactionResponse>

 

And here is a non-AVS/CVV response decline based on current AFDS settings: 

<?xml version="1.0" encoding="utf-8"?> <createTransactionResponse xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="AnetApi/xml/v1/schema/AnetApiSchema.xsd"> <refId>123456</refId> <messages> <resultCode>Error</resultCode> <message> <code>E00027</code> <text>The transaction was unsuccessful.</text> </message> </messages> <transactionResponse> <responseCode>3</responseCode> <authCode /> <avsResultCode>P</avsResultCode> <cvvResultCode /> <cavvResultCode /> <transId>40038206206</transId> <refTransID /> <transHash /> <testRequest>0</testRequest> <accountNumber>XXXX0015</accountNumber> <accountType>MasterCard</accountType> <errors> <error> <errorCode>251</errorCode> <errorText>This transaction has been declined.</errorText> </error> </errors> <userFields> <userField> <name>MerchantDefinedFieldName1</name> <value>MerchantDefinedFieldValue1</value> </userField> <userField> <name>favorite_color</name> <value>blue</value> </userField> </userFields> <transHashSha2>FA5E642D2065EA15A6E920080699CC81F3EDABD092C70B83D2A64F645B6230A75F025F82E8C90278079686A64D90EC0B7311991652B4FF3A7DEB98357BB7157C</transHashSha2> </transactionResponse> </createTransactionResponse>

 

Keep in mind, there are many possible responses that can occur based on how AFDS filters are specified and I have not outlined all of them, but this should give you the general idea to begin your testing. 

 

I hope you find this useful. 

 

Thank you,

Elaine

ElaineM
Moderator Moderator
Moderator