At 9:21 PM -0400 5/31/10, Paul M Foster wrote:
On Mon, May 31, 2010 at 12:36:55PM -0400, tedd wrote:
 > What data are used in credit card transactions are the: name of the
 card holder, credit card number, expiration date, CCV number, and zip
 code. I have not dealt with any credit card processors that require
 the billing address -- they just use the zip code. Additionally, it
 is up to the client to determine the level of security they want.
 They *can* require that *all* information be correct before accepting
 a sale.

When you say "client" in this context, what do you mean? The ultimate
customer, the company issuing the credit card, the bank, the merchant

The "client" here would have been my client -- the person who pays me for my service, owns the web site, and is selling product. It is he who has the agreement with the credit card processor and in this case it was a PayPal Merchant service.

In the documentation and code PayPal provides there are levels of accessibility/failure you can assign to authorization. You can set it to FAIL if the zip code or CCV are not correct -- however -- it defaults to requiring only the name, expiry date, and credit card number to be correct to PASS.

While working on this, I found that the cost for the less secure transaction was higher than for the more secure transaction.




PHP General Mailing List (
To unsubscribe, visit:

Reply via email to