Hmmm... how are we to verify?



Online transaction and real time verification and they want us to verify what? Your ID card?

We pass every bit of required and optional information: Name, address, CV2, credit card, expiration date, IP, time & date, and several other parameters. All information is passed to the bank and they are to tell us if the information is correct. we have no way of knowing if anything matches- the bank can decline the card if they find the information not matching with the account holder.

We have our own internal security audit but that is not something I will cover in this forum. We also utilize third party services (see our MaxMind press release for API) but in this case geo location and other factors match the presence information. Bank authorization comes from the bank and nothing we can do.

Thanks for the update.

You'll like this. Just spoke with Chase and they want to blame you guys for not verifying that all information matched. Isn't that their job?

New release fixed the restrictions

I forgot to mention that this morning we updated the system and fixed the bug you reported about the restrictions.

You can now add the domain restriction to the Account Info > API section and it should work.

Please let us know if you have any problem with the restrictions activated.

Successful transactions

Hi;

We have no control over what banks do. We post the information to the gateway and the issuing bank authorizes or declines. Once authorized it will be either in Authorized bin or the Settled batch. You have set the form to settle therefore all transactions are posted as settled and will be settled at 11 p.m. in your time zone. Your account is a merchant account and you have full control over what to do with the payment. If this was an in-house account we could have voided it but in the merchant account we can show you how to void it directly. If you need help please let us know and we can show you how.

I know for a fact that with my personal card the authorization fails if I put a wrong expiration date. I have received security calls from the bank when testing the system. I have tested it with wrong CV2 and wrong date and wrong name- all cause failure.

I reviewed your transaction and your bank has authorized it. Our support department just contacted the organization & notified them of the transaction and showed them how to void the transaction.

I suggest contacting your bank and finding out why they have authorized the card with invalid expiration date. They can tell you every detail about why they have told us the transaction is valid.