I'm implementing user friendly error messages. I've decided to handle each Response Reason Code individually and return a custom error message for each. But, I noticed that some codes are may have information that the user should not be told about. I'm wondering ifyou all can help me figure out which ones are ok to tell to the user and which ones should just use a general error.
For example, lets say I get the response reason code "9", which says "The ABA code is invalid" or "78", which says "The Card Code (CVV2/CVC2/CID) is invalid". I shouldn't tell the user that right? because that may allow a thief to keep trying values? But, I'm not sure because maybe the bank prevents too many attempts already or already handles such cases behind the scenes.
Another example is "The account number is invalid.",
Any insight on this would great.
Thanks,
Dave
06-21-2011 10:53 AM