Braintree DropInUI gateway rejection card verification not failing when creating customer (PHP)

0
votes

I have the following code for my (sandbox) checkout: (I have omitted the initial variable declarations for brevity)

require_once("braintree/braintree_init.php");

$nonceFromTheClient = 'fake-gateway-rejected-fraud-nonce';  

$result = Braintree_Customer::create([
    'id' => $userId,
    'firstName' => $firstName,
    'lastName' => $lastName,
    'email' => $email,
    'paymentMethodNonce' => $nonceFromTheClient,
    'creditCard' => [
        'billingAddress' => [
            'streetAddress' => $billingAddress,
            'locality' => $billingCity,
            'region' => $billingState,
            'postalCode' => $billingZip
        ]
    ]
]);

if ($result->success) {
    echo "create: success";
    $token = $result->customer->paymentMethods[0]->token;
} else {
    echo "create: fail";
    foreach($result->errors->deepAll() AS $error) {
        echo($error->code . ": " . $error->message . "\n");
    }
    $verification = $result->creditCardVerification;
    echo $verification->status;
    echo $verification->processorResponseCode;
    echo $verification->processorResponseText;
    echo $verification->gatewayRejectionReason;
    $verificationError = "There was a problem processing your credit card; please double check your payment information and try again.";
    return false;
}

$result = Braintree_Subscription::create([
    'paymentMethodToken' => $token,
    'planId' => $subId
]);

if ($result->success) {
    $subscriptionId = $result->subscription->id;
    header("Location:  transaction.php?i=".$subscriptionId."");
} else {
    foreach($result->errors->deepAll() AS $error) {
        echo($error->code . ": " . $error->message . "\n");
    }
}

I'm trying to get the card verification to fail. I have verification enabled for all cards in the Control Panel. When I use the provided $nonceFromTheClient = 'fake-gateway-rejected-fraud-nonce', the customer creation is still successful.

If I use a card number 4000111111111115 from the Unsuccessful credit card verification list, it is still successful, although admittedly I am not clear what nonce should be used with the card number.

If I use 'fake-processor-declined-visa-nonce' it fails (as expected).

So I'm not sure why the card verification is still successful for the first two attempts?

1
phppaypalbraintree

1 Answers

0
votes

Full disclosure: I work at Braintree. If you have any further questions, feel free to contact our support team.

Credit cards are not verified by default when being vaulted in our gateway. You must set the verifyCard option to true in order to have the card verified.

$result = Braintree_Customer::create([
    'firstName' => 'Fred',
    'lastName' => 'Jones',
    'creditCard' => [
        'paymentMethodNonce' => nonceFromTheClient,
        'options' => [
            'verifyCard' => true
        ]
    ]
]);

The testing section of our docs further elaborates on the use of our fake test nonces.