Control Panel/
Vault/
Card Verification

Card Verification

Card verification is a strong first-line defense against potentially fraudulent cards. It ensures that the credit card number provided is associated with a valid, open account and can be stored in the Vault and charged successfully. We can verify the following fields with the customer’s bank:

  • Card number
  • Card expiration date
  • Street address and postal code
  • CVV

If card verification is enabled, the gateway will verify that credit cards are valid and pass any of your configured AVS and CVV rules before they are stored in the Vault. Cards that are not valid will not be stored in the Vault.

Braintree strongly recommends verifying all cards before they are stored in your Vault by enabling card verification for your entire account in the Control Panel.

How it worksAnchorIcon

The Braintree gateway verifies credit cards by running either a $0 or $1 authorization and then automatically voiding it. For most processors and card brands, transactions are initially tried with a $0 authorization. If $0 authorizations are not supported, a $1 authorization will be performed automatically.

In any instance where a $1 authorization returns a successful result, we immediately follow up with an automatic void request to ensure that the transaction does not settle and that it disappears from the cardholder's statement as soon as possible.

Enabling card verificationAnchorIcon

To enable card verification for all cards as they are entered into the Vault:

  1. Log into the Control Panel.
  2. Click on the gear icon in the top right corner.
  3. Click Processing from the drop-down menu.
  4. Scroll to the Vaulting section.
  5. Next to Card Verification, click the toggle to turn it on.

If enabled, the gateway will verify that credit cards are valid and that they pass configured AVS/CVV rules before they are stored in the Vault. Cards that are not valid will not be stored in the Vault.

Retrying all failed $0 verificationsAnchorIcon

Certain banks using Visa and Mastercard do not accept $0 as a valid transaction amount. These banks typically respond with a specific decline code that tells us that we should retry the authorization with an amount of $1, which we do automatically. However, in cases where we're sent a generic decline code, the authorization is not retried by default.

To attempt to avoid rejecting otherwise valid cards, you can opt to retry all failed $0 authorizations as $1 authorizations, regardless of the processor decline response.

To enable this feature:

  1. Log into the Control Panel
  2. Click on the gear icon in the top right corner
  3. Click Processing from the drop-down menu
  4. Scroll to the Vaulting section
  5. Next to Card Verification – Retry All Failed $0, click the toggle to turn it on

Verifying vaulted cardsAnchorIcon

To re-verify a card that is already stored in a Vault record:

  1. Log into the Control Panel.
  2. Select Vault in the navigation bar.
  3. Scroll to the Customer Search section.
  4. Define your desired parameters, and select Search.
  5. Select the link in the Token column of the record you want to re-verify.
  6. Select the Edit button at the top of the page.
  7. Select the Verify card box at the bottom of the Payment Method Details section.
  8. Enter the card's CVV.
  9. Select the Save button.

The verification result appears on the next page, along with the CVV and AVS Responses.

You also can perform e-verification through the API. Learn more in our developer docs.