question

jms avatar image
jms asked manu commented

Ecommerce Payments Failing: "CVV does not match"

Hi. We use the iFrame integration to allow customers to make clover payments.

When trying to pay for an order with the /v1/orders/{orderId}/pay and the card source generated by the iFrame, we get the following error:

Request:

"{"amount":2666,"currency":"USD","source":"<IFRAME-CARD-TOKEN>","tip_amount":0}"

Response:

{"message":"402 Payment Required","error":{"code":"card_declined","message":"CVV does not match","charge":"<CHARGE-ID>","declineCode":"issuer_declined"}}

I have 3 questions regarding this scenario:

  1. Why does this fail at this point? We rely on Clover to generate the card tokens for us which we assume Clover validates before providing the tokenized card.
  2. Is there something wrong with our assumption of the above? Does the actual validation happen when executing the charge? Does tokenization simply store the details on Clover end without any validation? We are currently under the assumption that a tokenized card is a valid card.
  3. If so, what are the possible major errors that need to be handled in the /v1/orders/{orderId}/pay flow so that we can show meaningful error messages to the customer?

Thank you for your support.

e-commerce api
10 |2000
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

3 Answers

·
David Marginian avatar image
David Marginian Deactivated answered David Marginian Deactivated commented

I have made an attempt to explain some of this in my comments here - https://community.clover.com/questions/30103/ecommerce-card-tokens-failing-cvv-is-not-provided.html?childToView=30264#comment-30264.

1) We do not validate the card when the card is tokenized. We DO validate it WHEN/IF you save the token on a customer record (COF - https://docs.clover.com/docs/ecommerce-saving-card).

2) Per 1, we do not validate the card when it is tokenized. By default, tokens are both SHORT lived (~10 minutes) and SINGLE use. If you want to use a token more than once and outside of the ~10 minute expiration period then you need to get the customer's consent and use COF.

3) The message coming back in the response is generally quite meaningful.

2 comments
10 |2000
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

jms avatar image jms commented ·

Hi @David. Thanks for the quick response.

Just to clarify, the PUT request to /v1/customers/{cloverCustomerId} will fail if the card data represented by the token is invalid?

0 Likes 0 ·
David Marginian avatar image David Marginian ♦♦ jms commented ·

Yes, that is correct.

0 Likes 0 ·
mariahcarey avatar image
mariahcarey answered bryanvargas edited

Have you received any further feedback or updates on the issues with CVV validation and tokenization?

10 |2000
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

sientatri11 avatar image
sientatri11 answered manu commented

First of all double-check that you entered the CVV correctly. It's easy to make mistakes when typing the code, so ensure that you haven't transposed any numbers or made any other errors. If you recently received a new card or your card expired, the CVV might be different from what you previously used. Verify that you are using the CVV air compressor for nail gun associated with the current card. Sometimes, payment processors or banks have strict security measures in place to protect against fraudulent transactions. If they suspect suspicious activity, such as multiple failed attempts or a high-risk transaction, they may block the payment and return a "CVV does not match" error. In such cases, contacting your bank or card issuer to verify and authorize the transaction can resolve the issue.

1 comment
10 |2000
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

manu avatar image manu commented ·


Problem is that when get a SINGLE use token using iFrame, we use that token to "Save a Card" for a customer account. We then use the customer ID as a source to "Create a Charge" and gets successful transaction response back.


Now for future transactions, we again use the saved Customer ID for creating subsequent charges and gets successful response back but after few successful charges we start getting "message": "CVV is not provided" error message and "Create a Charge" getting failed.


Why is that "Create a Charge" is failing after being successful in first few attempts using the same customer ID as source?

0 Likes 0 ·

Write an Answer

Hint: Notify or tag a user in this post by typing @username.

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Welcome to the
Clover Developer Community