Vault

Card Verificationanchor

availability

Our card verification feature only works with credit and debit card payment methods.

Card verification is a strong first-line defense against potentially fraudulent cards. It ensures that the credit card number provided is associated with a valid, open account and can be stored in the Vault and charged successfully. We can verify the following fields with the customer’s bank:

  • Card number
  • Card expiration date
  • Street address and postal code
  • CVV

If card verification is enabled, the gateway will verify that credit cards are valid and pass any of your configured AVS and CVV rules before they are stored in the Vault. Cards that are not valid will not be stored in the Vault.

Braintree strongly recommends verifying all cards before they are stored in your Vault by enabling card verification for your entire account in the Control Panel.

How it worksanchor

The Braintree gateway verifies credit cards by running either a $0 or $1 authorization and then automatically voiding it. For most processors and card brands, transactions are initially tried with a $0 authorization. If $0 authorizations are not supported, a $1 authorization will be performed automatically.

In any instance where a $1 authorization returns a successful result, we immediately follow up with an automatic void request to ensure that the transaction does not settle and that it disappears from the cardholder's statement as soon as possible.

note

Some banks don't recognize void requests immediately. It's possible that after the void is issued, your customer will still see the pending charge. If this happens, have your customer call their bank; the bank should be able to see the void request and update your customer's bank statement accordingly.

Enabling card verificationanchor

To enable card verification for all cards as they are entered into the Vault:

  1. Log into the Control Panel
  2. Click on the gear icon in the top right corner
  3. Click Processing from the drop-down menu
  4. Scroll to the Vaulting section
  5. Next to Card Verification, click the toggle to turn it on

If enabled, the gateway will verify that credit cards are valid and pass configured AVS/CVV rules before they are stored in the Vault. Cards that are not valid will not be stored in the Vault.

note

You can also choose to verify cards on an individual basis, if you prefer. Learn more about card verification in our developer docs.

Retrying all failed $0 verificationsanchor

Certain banks using Visa and Mastercard do not accept $0 as a valid transaction amount. These banks typically respond with a specific decline code that tells us that we should retry the authorization with an amount of $1, which we do automatically. However, in cases where we're sent a generic decline code, the authorization is not retried by default.

To attempt to avoid rejecting otherwise valid cards, you can opt to retry all failed $0 authorizations as $1 authorizations, regardless of the processor decline response.

To enable this feature:

  1. Log into the Control Panel
  2. Click on the gear icon in the top right corner
  3. Click Processing from the drop-down menu
  4. Scroll to the Vaulting section
  5. Next to Card Verification – Retry All Failed $0, click the toggle to turn it on
note

Retry All Failed $0 verifications can be enabled even if Card Verification is disabled, in the event that you request individual card verifications via the API. Learn more in our developer docs.

Verifying cards already storedanchor

Due to PCI compliance restrictions, we never store your customer’s CVV. You’ll need to collect this from them again before re-verifying a card via the Control Panel or API.

If you'd like to re-verify a card already stored in a Vault record:

  1. Log into the Control Panel
  2. Click on Vault in the navigation bar
  3. Scroll to the Customer Search section
  4. Define your desired parameters and click the Search button
  5. Click the link located in the Token column of the record you'd like to re-verify
  6. Click the Edit button at the top of the page
  7. Check the Verify card box at the bottom of the Payment Method Details section
  8. Enter the card's CVV
  9. Click the Save button

The verification result will appear on the next page, along with the CVV and AVS Responses.

Re-verification can also be done via the API. Learn more in our developer docs.