Credit Card Verification

Credit Card Verification: Create

You can perform a standalone credit card verification without storing the card in the Vault. However, to do so you must pass raw credit card data, which should only be done in a PCI compliant environment. If in doubt, use a payment_method_nonce to perform a standard card verification and vault the card.

Parameters
:billing_address
A billing address associated with a specific customer ID. It can be further associated with a specific payment method. The maximum number of addresses per customer is 50.
:companyString
Company name. 255 character maximum.
:country_code_alpha2String

The ISO 3166-1 alpha-2 country code specified in an address. The gateway only accepts specific alpha-2 values.

:country_code_alpha3String

The ISO 3166-1 alpha-3 country code specified in an address. The gateway only accepts specific alpha-3 values.

:country_code_numericString

The ISO 3166-1 numeric country code specified in an address. The gateway only accepts specific numeric values.

:country_nameString

The country name specified in an address. We only accept specific country names.

:extended_addressString
The extended address information—such as apartment or suite number. 255 character maximum.
:first_nameString
The first name. 255 character maximum.
:last_nameString
The last name. 255 character maximum.
:localityString
The locality/city. 255 character maximum.
:phone_numberString
Phone number. Phone must be 10-14 characters and can only contain numbers, hyphens and parentheses.
:postal_codeString
The postal code. Postal code must be a string of 4-9 alphanumeric characters, optionally separated by a dash or a space. Spaces and hyphens are ignored.
:regionString
The state or province. 255 character maximum.
:street_addressString
The billing street address. 255 character maximum. Required to perform card verification when AVS rules are configured to require street address.
:cardholder_nameString
The cardholder name associated with the credit card. 175 character maximum.
:cvvString
A 3 or 4 digit card verification value assigned to credit cards. The CVV will never be stored in the gateway, but it can be provided with one-time requests to verify the card.
:expiration_dateString

The expiration date, formatted MM/YY or MM/YYYY. May be used instead of expiration_month and expiration_year.

:expiration_monthString

The expiration month of a credit card, formatted MM. May be used with expiration_year, and instead of expiration_date.

:expiration_yearString

The 2 or 4 digit year associated with a credit card, formatted YYYY or YY. May be used with expiration_month, and instead of expiration_date.

:numberString
The 12-19 digit value consisting of a bank identification number (BIN) and primary account number (PAN).
:external_vault
Options used to indicate when a payment method is externally vaulted. These fields should be provided when storing a customer's payment methods in an external vault (e.g. third-party vault, not tokenizing through Braintree).
:previous_network_transaction_idString
Network transaction identifier issued by the card brand network during a previous transaction or verification. Currently only applicable for Visa payment methods. Visa provides network transaction identifiers to improve authorization approval rates for stored credential transactions.
:statusString

The option indicates the vaulted status of the externally vaulted payment method. Accepted values:

  • vaulted = Indicates the payment method is already stored on behalf of the customer.
  • will_vault = Indicates the payment method is intended to be vaulted upon successful processing of the verification.
:options
Optional values that can be passed with a request.
:amountString
Specify a positive, non-zero amount that you want to use to verify a card. If you do not pass this option, the gateway will automatically use a verification amount of $0 or $1, depending on the card type.
:merchant_account_idString

Specify the merchant account ID that you want to use to verify a card. See the merchant_account_id on Transaction: Sale to learn more.

:payment_method_nonceString
One-time-use reference to payment information provided by your customer, such as a credit card or PayPal account.
:risk_data
Customer request information. Sent to processor to help verify transaction integrity.
:customer_browserString
The User Agent field provided by the customer. Maximum 255 characters.
:customer_ipString
The customer's IP address.
:three_d_secure_authentication_idString
ID of the 3D Secure authentication performed for this transaction. Do not provide this field if you are using a nonce for this transaction that is 3D Secure enriched.
:three_d_secure_pass_thru

Results of a merchant-performed 3D Secure authentication. You will only need to use these fields if you've performed your own integration with a 3D Secure MPI provider (e.g. Cardinal Centinel). Otherwise, Braintree's SDKs handle this for you in our standard 3D Secure integration.

:cavvString

Cardholder authentication verification value or CAVV. The main encrypted message issuers and card networks use to verify authentication has occurred. Mastercard uses an AVV message and American Express uses an AEVV message, each of which should also be passed in the cavv parameter.

:ds_transaction_idString

Transaction identifier resulting from 3D Secure 2 authentication. This field must be supplied for Mastercard Identity Check.

:eci_flagString

The value of the electronic commerce indicator (ECI) flag, which indicates the outcome of the 3DS authentication.

Accepted values for Mastercard:

  • 00 = Failed or not attempted
  • 01 = Attempted
  • 02 = Success
  • 04 = Data-Only (Applies to limited processors)

Accepted values for all other card brands:

  • 07 = Failed or not attempted
  • 06 = Attempted
  • 05 = Success
:three_d_secure_versionString

The version of 3D Secure authentication used for the transaction. Required on Visa and Mastercard authentications. Must be composed of digits separated by periods (e.g. 1.0.2).

:xidString

Transaction identifier resulting from 3D Secure authentication. Uniquely identifies the transaction and sometimes required in the authorization message. Must be base64-encoded. This field will no longer be used in 3D Secure 2 authentications.