NOTE: Credit card verification is currently not supported for Canadian transactions.
Verifying credit card data can help stop fraudulent transactions and prevent rate downgrades from your authorizer. You can verify a card at any time before performing a transaction, such as when setting up a recurring or scheduled future payment or when creating a token. In the past, card-not-present merchants had to verify cards by sending $1.00 "ghost authorizations," which captured funds while the transaction remained in a pending state before eventually expiring. For merchants, these "ghost authorizations" created support problems, and for issuers, they negatively impacted cardholder spending. Hence, Visa and MasterCard began allowing zero dollar transactions so that merchants could perform Address and CVV verifications.
Forte’s card verification service ensures that a card is linked to an open, valid account by matching up the following data on file with the customer’s issuing bank:
- Primary Account Number (PAN)
- CVV/CVV2
- Expiration Month and Year
- Cardholder’s Street Address and Zip Code
You can verify credit cards using Forte's REST API or the Advanced Gateway Interface. Only Vantiv merchants can use $0 transactions for address verifications.
NOTE: Batched card transactions that include either the postal code information, street address, or both are processed with an AVS check; however, this AVS check
- does not decline the item in the event of a mismatch
- does not include the AVS check results in the Batch Results file that is returned to the merchant.
Currently, mismatched AVS results are only reported. Thus, if a merchant needs AVS results as part of a rebuttal to a card-not-present dispute, the merchant will need to verify the information using the Get Transaction Detail DX report. In a future release, the AVS Check Results will be included in the Batch Results file.
The Verification Process
Forte reports and bills/commissions zero-dollar transactions normally and provides a postback to merchants indicating AVS and CVV results. No funds are captured and the transactions never go through settlement. Zero-dollar card verifications have no impact on SplitFund merchants.
The following diagram provides a high-level overview of this process:
Verifying Card Data in REST
To verify credit card data via Forte’s REST API, you simply have to pass the following parameters in your POST request along with the first and last name for the billing address and the credit card parameters (i.e., card_type
, account_number
, expire_month
, expire_year
, card_verification_value
):
authorization_amount=0
action=sale
oraction=verify
NOTES:
- The REST API supports string tokens generated from newer products (i.e., Forte Checkout, REST API) and integer tokens generated from older products.
- Only Vantiv supports $0 AVS-only transactions.
- The verify action for a credit card works differently than an ACH verify. ACH verify requests provide money amount verifications (e.g., authorization_amount=10) with the transaction, whereas, in credit card verify requests, the authorization_amount parameter must be null or zero and the transaction behaves the same as a zero-dollar sale transaction.
Forte verifies the data with the issuing bank and sends one of the following responses back in the cvv_result
field of the response
object:
M
= MatchN
= No MatchE
= Error (Unrecognized or Unknown Response)I
= Invalid or NullP
= Not ProcessedS
= Service Not SupportedU
= Issuer Unable to ProcessX
= No Response
Forte also verifies the address data provided by the customer with the issuing bank and sends one of the following responses back in the avs_result
field of the response
object:
X
= Match: Street Address and 9-digit Zip Code both matchY
= Match: Street Address and 5-digit Zip Code both matchA
= Partial Match: Street Address matches, but both 5-digit and 9-digit Zip Code do not matchW
= Partial Match: Street Address does not match, but 9-digit Zip Code matchesZ
= Partial Match: Street Address does not match, but 5-digit Zip Code matchesN
= No Match: Street Address, 5-digit Zip Code, and 9-digit Zip Code all do not matchU
= System Unavailable: Address information unavailable. Forte returns this response if the Street Address is a non-US address, if the AVS service is unavailable, or if the AVS service for a particular US bank is not properly functioning.R
= System Unavailable: Forte will retry the AVS check because the issuer's system is unavailable or the request times out.E
= Invalid: AVS data is invalidS
= Not Supported: The US issuing bank does not support AVS checks.
For example, the following POST to the Transaction object indicates a card verification request:
{ "action":"verify", //the value of this parameter could also be "sale"// "authorization_amount": 0, "billing_address":{ "first_name": "Emmett", "last_name": "Brown" }, "card":{ "card_type": "visa", "account_number": "4111111111111111", "expire_month": 12, "expire_year": 2015, "card_verification_value": "123" } }
The following response from Forte indicates that the card passed verification:
{ "transaction_id": "trn_4bcfa57d-18e9-456e-8ce0-da7eb3a4f37d", "location_id": "loc_115161", "action": "verify", //will echo "sale" if that is the request "action"// "authorization_amount": 0, "authorization_code": "123456" "billing_address": { "first_name": "Emmett", "last_name": "Brown" }, "card": { "account_number": "4111111111111111", "expire_month": 12, "expire_year": 2015, "card_verification_value": "123", "card_type": "visa" }, "response": { "authorization_code": "123456", "avs_result": "Y", "cvv_code": "M", "environment": "live", "response_type": "A", "response_code": "A01", "response_desc": "APPROVED" }, "links": { "self": "https://api.forte.net/v3/accounts/act_300005/locations/loc_115161/transactions/trn_4bcfa57d-18e9-456e-8ce0-da7eb3a4f37d", "settlements": "https://api.forte.net/v3/accounts/act_300005/locations/loc_115161/transactions/trn_4bcfa57d-18e9-456e-8ce0-da7eb3a4f37d/settlements" } }
Verifying Card Data in AGI
To verify credit card data via Forte’s AGI service, you simply have to pass the following parameters in your Transaction request message along with the first and last name for the billing address and the necessary credit card parameters (i.e., ecom_payment_card_type
, ecom_payment_card_number
, ecom_payment_card_expdate_month
, ecom_payment_card_expdate_year
):
pg_transaction_type=10
pg_total_amount=0.00
Use the following example when formatting your request template:
pg_merchant_id=<Merchant ID> pg_password=<Merchant Password> pg_transaction_type=10 pg_total_amount=0.00 ecom_billto_postal_name_first=John ecom_billto_postal_name_last=Smith ecom_billto_postal_street_line_1=123 Any Street ecom_billto_postal_city=San Diego ecom_billto_postal_stateprov=CA ecom_billto_postal_postalcode=92104 ecom_payment_card_name=John Smith ecom_payment_card_type=Visa ecom_payment_card_number=<Credit Card Account Number> ecom_payment_card_expdate_month=<Credit Card Expiration Month> ecom_payment_card_expdate_year=<Credit Card Expiration Year> pg_avs_method=22000 endofdata
The following response from Forte indicates that the card passed verification:
pg_response_type=A pg_response_code=A01 pg_response_description=APPROVED pg_merchant_id=<Merchant ID> pg_authorization_code=420023 pg_trace_number=f0b77189-4014-11d6-a7fd-0050da8def0f pg_avs_result=0330 pg_transaction_type=10 pg_total_amount=0.00 ecom_billto_postal_name_first=John ecom_billto_postal_name_last=Smith ecom_billto_postal_street_line_1=123 Any Street ecom_billto_postal_city=San Diego ecom_billto_postal_stateprov=CA ecom_billto_postal_postalcode=92104 ecom_payment_card_name=John Smith ecom_payment_card_type=Visa ecom_payment_card_number=<Masked Credit Card Account Number> ecom_payment_card_expdate_month=<Credit Card Expiration Month> ecom_payment_card_expdate_year=<Credit Card Expiration Year> pg_preauth_code=none pg_preauth_result=POS pg_preauth_description=P70: VALIDATED endofdata