I'm on Payflow Pro as a Gateway with Moneris/Vital as a Processor, but they validate everything, every time, including the CCV code. I think you need to take this issue further, though.
It sounds like it's an issue with your Processor, not the Gateway. If Authorize.net is passing the exp date/CCV and the processor isn't checking it, it's time to switch processors IMHO. Unless you have some sort of fraud protection in place that indemnifies you from any loss. - Jon On Oct 25, 2006, at 8:57 PM, Will Tomlinson wrote: > I just noticed on our site, if you submit an authorize.net > transaction with a bogus expiration date, the transaction is still > approved. > > Just got off IM with a auth.net rep. Anybody ever run into this? > > Thanks, > Will > > Will Tomlinson: Ok, I'm running some sample transactions thru our > site, and the responses seem to be approved even if the expiration > date on the card is wrong. > > Will Tomlinson: I can give you a transaction # to check out > > Kevin T: No, actually we don't have the ability to check that. We > depend on the credit card networks to do the security checks for > us, and this is one thing they don't usually check, oddly enough. > > Kevin T: We'll make sure that the expiration date being provided > hasn't already passed, but other than that, we depend on the credit > card networks to confirm the accuracy of the expiration date > instead, and they rarely seem to actually do that. > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting, up-to-date ColdFusion information by your peers, delivered to your door four times a year. http://www.fusionauthority.com/quarterly Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:258074 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
