Credit Card

Credit Card: Update

important

Typically requires PCI SAQ D compliance

We recommend using payment_method functions to avoid any PCI concerns with raw credit card data being present on your server.

note

If you have card verification enabled, any updates made to credit cards are subject to those rules.

  1. Ruby
update_result = gateway.credit_card.update(credit_card.token,
    :cardholder_name => "New Holder",
    :cvv => "456",
    :number => "4111111111111111",
    :expiration_date => "06/2022",
    :billing_address => { :region => 'IL' },
    :options => {:verify_card => true}
)
Arguments
tokenrequired, String

An alphanumeric value that references a specific payment method stored in your Vault. Must be less than or equal to 36 characters. If using a custom integration, you can specify what you want the token to be. If not specified, the gateway will generate one that can be accessed on the result. If using our Drop-in UI with a customer ID to vault payment methods, you can't specify your own token. Length and format of gateway-generated tokens and IDs may change at any time.

Additional Parameters
:billing_address
A billing address associated with a specific customer ID. It can be further associated with a specific payment method. The maximum number of addresses per customer is 50.
:companyString
Company name. 255 character maximum.
:country_code_alpha2String
The ISO 3166-1 alpha-2 country code specified in an address. The gateway only accepts specific alpha-2 values.
:country_code_alpha3String
The ISO 3166-1 alpha-3 country code specified in an address. The gateway only accepts specific alpha-3 values.
:country_code_numericString
The ISO 3166-1 numeric country code specified in an address. The gateway only accepts specific numeric values.
:country_nameString
The country name specified in an address. We only accept specific country names.
:extended_addressString
The extended address information—such as apartment or suite number. 255 character maximum.
:first_nameString
The first name. 255 character maximum.
:last_nameString
The last name. 255 character maximum.
:localityString
The locality/city. 255 character maximum.
:options
Optional values that can be passed with a request.
:update_existingbool
Update the billing address associated with the payment method token specified. Other payment methods associated with the same billing address will have their addresses updated, as well.
:postal_codeString
The postal code. Postal code must be a string of 4-9 alphanumeric characters, optionally separated by a dash or a space. Spaces and hyphens are ignored.
:regionString
The state or province. 255 character maximum.
:street_addressString
The credit card billing street address. 255 character maximum. Required when performing card verification and AVS rules are configured to require street address.
:cardholder_nameString
The cardholder name associated with the credit card. 175 character maximum.
:cvvString

A 3 or 4 digit card verification value assigned to credit cards. The CVV will never be stored in the gateway, but it can be provided with one-time requests to verify the card.

:expiration_dateString

The expiration date, formatted MM/YY or MM/YYYY. May be used instead of and .

:expiration_monthString

The expiration month of a credit card, formatted MM. May be used with , and instead of .

:expiration_yearString

The two or four digit year associated with a credit card, formatted YYYY or YY. May be used with , and instead of .

:numberString

The 12-19 digit value consisting of a bank identification number (BIN) and primary account number (PAN). Passing the number directly (rather than passing a nonce) should only be done in a PCI compliant environment. If in doubt, use payment_method_nonce with Payment Method: Update

:options
Optional values that can be passed with a request.
:make_defaultbool
This option makes the specified payment method the default for the customer.
:skip_advanced_fraud_checkingboolean
Prevents the verification from being evaluated as part of Premium Fraud Management Tools checks. Use with caution – once you've skipped checks for a verification, it is not possible to run them retroactively.
:venmo_sdk_sessionString
This functionality still exists in the gateway but is no longer documented. Will remove this param/attr when the corresponding gateway code is removed.
:verification_amountString
Specify a non-negative amount that you want to use to verify a card. If you do not pass this option, the gateway will automatically use a verification amount of $0 or $1, depending on the processor and/or card type.
:verification_merchant_account_idString
Specify the merchant account ID that you want to use to verify a card. See the on to learn more. The merchant account can't be a marketplace sub-merchant account. See the Braintree Marketplace Guide to learn more.
:verify_cardbool

This option prompts the gateway to verify the card's number and expiration date. It also verifies the AVS and CVV information if you've enabled AVS and CVV rules.

note

Braintree strongly recommends verifying all cards before they are stored in your Vault by enabling card verification for your entire account in the Control Panel.

In some cases, cardholders may see a temporary authorization on their account after their card has been verified. The authorization will fall off the cardholder's account within a few days and will never settle.

Only returns a Credit Card Verification result if verification runs and is unsuccessful.",

:three_d_secure_pass_thru

Results of a merchant-performed 3D Secure authentication. You will only need to use these fields if you've performed your own integration with a 3D Secure MPI provider (e.g. Cardinal Centinel). Otherwise, Braintree's SDKs handle this for you in our standard 3D Secure integration.

:cavvString

Cardholder authentication verification value or CAVV. The main encrypted message issuers and card networks use to verify authentication has occurred. Mastercard uses an AVV message and American Express uses an AEVV message, each of which should also be passed in the parameter.

:ds_transaction_idString

Transaction identifier resulting from 3D Secure 2 authentication. This field must be supplied for Mastercard Identity Check.

:eci_flagString

The value of the electronic commerce indicator (ECI) flag, which indicates the outcome of the 3DS authentication.

Accepted values for Mastercard:

  • 00 = Failed or not attempted
  • 01 = Attempted
  • 02 = Success
  • 04 = Data-Only (Applies to limited processors)

Accepted values for all other card brands:

  • 07 = Failed or not attempted
  • 06 = Attempted
  • 05 = Success
:three_d_secure_versionString

The version of 3D Secure authentication used for the transaction. Required on Visa and Mastercard authentications. Must be composed of digits separated by periods (e.g. 1.0.2).

:xidString

Transaction identifier resulting from 3D Secure authentication. Uniquely identifies the transaction and sometimes required in the authorization message. Must be base64-encoded. This field will no longer be used in 3D Secure 2 authentications.

Payment method nonces vs. raw card dataanchor

While it is possible to pass both raw card data and a payment method nonce in the same call, we recommend passing only a payment method nonce.

Passing both will result in a payment method that has a mix of their attributes, with precedence given to the fields individually, then to the attributes of the payment method nonce. For example, if you pass both a card number and a payment method nonce, the payment method will have the number you passed explicitly, but the rest of the attributes will be obtained through the nonce.