question

bobbygill avatar image
bobbygill asked wsadiq commented

Payment Failed when using same payment token for payment

We are using payment API for Clover Payment.

URL : https://scl.clover.com/v1//orders/<OrderID>J/pay


When we add new payment method and do payment using this API, Its working first time, but when we try doing payment using same payment token after some time with new order its failing with below error.

{

"message": "402 Payment Required",

"error": {

"code": "card_declined",

"message": "CVV is not provided",

"charge": "XXXXXXXXX",

"declineCode": "issuer_declined"

}

}


FYI: We have started getting this error after this morning. It was working fine before that.

Please suggest.

Paymentse-commerce api
10 |2000

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

David Marginian avatar image
David Marginian Deactivated answered David Marginian Deactivated edited

Ok, I looked at the request you are making and failure is the expected behavior. Tokens are single use by default. When you store the card token on a customer you either need to:

1) Set the source on subsequent payments to be the customer uuid, NOT the token.

or ...

2) Pass stored_credentials with subsequent payment requests:

"stored_credentials":{ "sequence": "FIRST/SUBSEQUENT", "is_scheduled": "false", "initiator": "CARDHOLDER/MERCHANT" }

When the source is set to a customer uuid we set the stored_credentials for you (1), but if you just pass the token we have no way of knowing the payment is recurring, because you haven't told us.

Why is passing just the token for a recurring payment a problem? Because, when a card is tokenized we cache the CVV for a short period of time (~10 minutes) and use it to validate any "initial" payments made with the token. After 10 minutes the CVV is gone, and the payment will always be declined UNLESS you properly set the stored_credentials to notify us that the payment is recurring.

4 comments
10 |2000

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

bobbygill avatar image bobbygill commented ·

David thanks for this.


For 2.), if we pass stored_credentials what do we pass for the source?

0 Likes 0 ·
David Marginian avatar image David Marginian ♦♦ bobbygill commented ·

You will pass the token, as you are now. When you pass the customer uuid, we essentially do this for you, but if you pass the token we don't.

0 Likes 0 ·
bobbygill avatar image bobbygill David Marginian ♦♦ commented ·

By Customer uuid, you mean Clover Card uuid or Customer uuid?

Because we can add multiple cards under one customer. So, customer uuid will be same for all cards but clover card uuid will be different per card.


How customer uuid will work if we have added multiple card to customer account? which card it will select for doing payment?

0 Likes 0 ·
Show more comments
David Marginian avatar image
David Marginian Deactivated answered wsadiq commented

Can you explain your flow a bit more? Are you tokenizing via iframe or API? Why is there a delay between when you tokenize and when you charge the card? Are these Card on File payments? Do you pass the token or the customer uuid as the source when you make the payment?

16 comments
10 |2000

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

bobbygill avatar image bobbygill commented ·

Our app allows users to order ahead for coffee and then pick it up in person. The flow currently is that when the user signs up they are able to add a payment method to their profile independently of making an actual order. So someone might add a payment method and save it for use in the future. We do not want the users to have re-enter payment methods each time they order. We create a payment method for the Customer in Clover, and store the payment token into our DB for use in the future for ordering. We use this token as the source when making the order.


We are using the iFrame for tokenization.


We are passing the Payment token (created from the iFrame) as a source when making payment.

0 Likes 0 ·
David Marginian avatar image David Marginian ♦♦ bobbygill commented ·

I need to engage ecomm about this for some clarity and I will get back to you when I hear back.

"We create a payment method for the Customer in Clover"

How, are you following our instructions here https://docs.clover.com/docs/ecommerce-saving-card?

If you aren't it sounds like this may be expected behavior. Card tokens are generally single use and if you aren't following our card on file instructions I am not sure I would expect this to work.


0 Likes 0 ·
bobbygill avatar image bobbygill David Marginian ♦♦ commented ·

Yes we are following those instructions. This flow does and has been working for us without a problem for the past 4 weeks in production and continues to work in sandbox, so I really do think there is something on the Clover end that has changed which is now causing it to break for us.

0 Likes 0 ·
Show more comments

Welcome to the
Clover Developer Community