developer.authorize.net developer.cybersource.com
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Who Me Too'd this topic

Update Payment Profile with CVV using Accept.js method

We are currently updating our front-end to be fully PCI compliant (i.e. no sensitive data will flow through our network) using the Accept.js method.

 

The only remaining issue seems to be with sending CVV information when updating an existing payment profile. Per

 

 

https://developer.authorize.net/api/reference/features/acceptjs.html

 

In order to create a payment nonce the Accept.dispatchData() method will only accept a full CC number. However if the user is only updating the expiration date we would still like the user to enter the CVV number as it has probably changed if the expriation date has changed. 

 

On the server side I've been able to successfully use the masked card number and CVV only to update the CC profile.

 

        final PaymentType payment = objectFactory.createPaymentType();
        anetapi.xml.v1.schema.anetapischema.CreditCardType creditCard = objectFactory.createCreditCardType();
        creditCard.setCardNumber("XXXX0012");
        creditCard.setExpirationDate("2030-10");
        creditCard.setCardCode("900");
        payment.setCreditCard(creditCard);
        paymentProfile.setPayment(payment);

However for this to work the CVV number would have to be sent over our network which we want to avoid. Shouldn't Accept.dispatchData() also accept masked CC numbers for this use case?

 

Otherwise what should we do?

 

Thanks

1 person had this problem.
blackbeltdev
Contributor

‎08-29-2016 10:07 AM

Who Me Too'd this topic
Copyright © 2024 Khoros, LLC