PayFlow PayPal recurring Payment EXPDATE Validation

3
votes

Hi I have been trying to validate CC no., CVV no., EXPDATE of the users credit card for recurring billing in PayFlow. The main objective is to let the user have access to subscription products only if the credit card is valid.

I have been advised to check the card prior to creating the profile you could run a credit card verification ($0 authorization)

So I did it and I got [RESPMSG] => Verified

Here's my request and response messages:

Request


Array
(
    [TRXTYPE] => A
    [TENDER] => C
    [PARTNER] => PayPal
    [USER] => XXXXX
    [PWD] => XXXXX
    [AMT] => 0
    [ACCT] => 5105105105105100
    [EXPDATE] => 1218
    [INVNUM] => PONUM1
    [VERBOSITY] => HIGH
    [BILLTOZIP] => 95031
)

Response


Array
(
    [RESULT] => 0
    [PNREF] => A11A8C1A41C0
    [RESPMSG] => Verified
    [AUTHCODE] => 992PNI
    [AVSADDR] => X
    [AVSZIP] => X
    [HOSTCODE] => A
    [PROCAVS] => U
    [TRANSTIME] => 2015-11-22 23:30:52
    [AMT] => 0.00
    [ACCT] => 5100
    [EXPDATE] => 1218
    [CARDTYPE] => 1
    [IAVS] => X
    [PREFPSMSG] => No Rules Triggered
    [POSTFPSMSG] => No Rules Triggered
)

Now my question is I haven't provided CVV2 and also Any future date as EXPDATE gets verified. Can you please explain how things are working here? Also how can I verify CC, CVV and EXPDATE ?

2
paypalpayment-gatewaypaypal-sandboxrecurring-billingpayflowpro

2 Answers

4
votes

This is simply creating the profile without any initial payment. As such, it's not going to validate the card at all. Of course, the first payment attempted on the profile would fail.

If you want to check the card prior to creating the profile you could run a credit card verification ($0 authorization).

So run the card verification first, and then only if that is successful you would follow up with a call to create the profile.

Keep in mind that if you're working in the sandbox any credit card expiration and security code will be accepted as long as it's not expired. This is done in the sandbox to make testing quick and easy.

If you would like to force errors in the API response so you can test those cases, take a look at the PayFlow documentation on testing.

1
votes

Yes in the Test mode any future date for EXPDATE will be fine as Andrew mentioned . If you are looking for CVV value to be returned as "N" in the test mode then you can adjust the CVV values according to the docs below .

https://developer.paypal.com/webapps/developer/docs/classic/payflow/integration-guide/#testing-card-security-code

NVP Request:
VENDOR=XXX&PARTNER=Paypal&USER=XXXX&PWD=XXXX&TRXTYPE[1]=A&TENDER[1]=C&VERBOSITY=HIGH&ACCT[16]=5105105105105100&EXPDATE[4]=1020&AMT=0.00&**CVV2[3]=400**&COMMENT1[23]=Global Test Transaction&FIRSTNAME[4]=John&LASTNAME[5]=Smith&STREET=49354 Main&CITY[7]=SanJose&STATE[2]=CA&ZIP[5]=94303&COUNTRY[2]=US

NVP Response:
RESULT=0
PNREF=A71C8A7EA028
RESPMSG=Verified
AUTHCODE=010101
AVSADDR=N
AVSZIP=N
CVV2MATCH=N
HOSTCODE=A
RESPTEXT=100
PROCAVS=I8
PROCCVV2=N
TRANSTIME=2015-11-23 20:05:55
FIRSTNAME=John
LASTNAME=Smith
AMT=0.00
ACCT=5100
EXPDATE=1020
CARDTYPE=1
IAVS=N
PREFPSMSG=No Rules Triggered
POSTFPSMSG=No Rules Triggered