Payment Method
Payment Method: Update
See also the Payment Method response object.
- PHP
$result = $gateway->paymentMethod()->update(
'the_token',
[
'billingAddress' => [
'streetAddress' => '100 Maple Lane',
'options' => [
'updateExisting' => true
]
]
]);
Arguments
token
required, stringAdditional Parameters
'company'
string'countryCodeAlpha2'
stringThe ISO 3166-1 alpha-2 country code specified in an address. The gateway only accepts specific alpha-2 values.
'countryCodeAlpha3'
stringThe ISO 3166-1 alpha-3 country code specified in an address. The gateway only accepts specific alpha-3 values.
'countryCodeNumeric'
stringThe ISO 3166-1 numeric country code specified in an address. The gateway only accepts specific numeric values.
'countryName'
stringThe country name specified in an address. Braintree only accepts specific country names.
'extendedAddress'
string'firstName'
string'countryCode'
string'nationalNumber'
string'lastName'
string'locality'
string'updateExisting'
bool'phoneNumber'
stringDeprecated.
We recommend using international_phone
. This functionality still exists in the gateway but is no longer documented. This parameter will be removed in the future.
'postalCode'
string'region'
string'streetAddress'
string'billingAddressId'
string'cardholderName'
string'cvv'
stringTypically requires PCI SAQ D compliance
We recommend using paymentMethodNonce
to avoid any PCI concerns with raw credit card data being present on your server.
A 3 or 4 digit card verification value assigned to credit cards. The CVV will never be stored in the gateway, but it can be provided with one-time requests to verify the card.
'deviceData'
stringCustomer device information. Pass this value only if you have Premium Fraud Management Tools enabled and are adding credit card data to your Vault. Be sure to provide the full string received from the Braintree client SDK.
'expirationDate'
stringWhile we recommend using paymentMethodNonce
when updating raw credit card data, the expiration date can be updated directly without any PCI concerns as long as you do not store, process, or transmit the raw PAN or CVV.
The expiration date, formatted MM/YY
or MM/YYYY
. May be used instead of expirationMonth and expirationYear.
'expirationMonth'
stringWhile we recommend using paymentMethodNonce
when updating raw credit card data, the expiration month can be updated directly without any PCI concerns as long as you do not store, process, or transmit the raw PAN or CVV.
The expiration month of a credit card, formatted MM
. May be used with expirationYear, and instead of expirationDate.
'expirationYear'
stringWhile we recommend using paymentMethodNonce
when updating raw credit card data, the expiration year can be updated directly without any PCI concerns as long as you do not store, process, or transmit the raw PAN or CVV.
The two or four digit year associated with a credit card, formatted YYYY
or YY
. May be used with expirationMonth, and instead of expirationDate.
'number'
stringTypically requires PCI SAQ D compliance
We recommend using paymentMethodNonce
to avoid any PCI concerns with raw credit card data being present on your server.
The 12-19 digit value consisting of a bank identification number (BIN) and primary account number (PAN).
'makeDefault'
boolIf the payment method is a Credit Card
or Paypal Account
, this option makes the specified payment method the default for the customer. See example below.
'skipAdvancedFraudChecking'
booleanPrevents the verification from being evaluated as part of Premium Fraud Management Tools checks. Use with caution – once you've skipped checks for a verification, it is not possible to run them retroactively.
'venmoSdkSession'
string'verificationAddOns'
multipleType of verification add ons for network check. Possible values:
customer_verification
'verificationAmount'
stringSpecify the merchant account ID that you want to use to verify a card. See the merchantAccountId
on Transaction: Sale
to learn more. The merchant account can't be a marketplace sub-merchant account. See the Braintree Marketplace Guide to learn more.
'verifyCard'
boolIf the payment method is a credit card, this option prompts the gateway to verify the card's number and expiration date. It also verifies the AVS and CVV information if you've enabled AVS and CVV rules.
In some cases, cardholders may see a temporary authorization on their account after their card has been verified. The authorization will fall off the cardholder's account within a few days and will never settle.
Only returns a Credit Card Verification
result if verification runs and is unsuccessful.
'paymentMethodNonce'
stringResults of a merchant-performed 3D Secure authentication. You will only need to use these fields if you've performed your own integration with a 3D Secure MPI provider (e.g. Cardinal Centinel). Otherwise, Braintree's SDKs handle this for you in our standard 3D Secure integration.
'cavv'
stringCardholder authentication verification value or CAVV. The main encrypted message issuers and card networks use to verify authentication has occurred. Mastercard uses an AVV message and American Express uses an AEVV message, each of which should also be passed in the cavv parameter.
'dsTransactionId'
stringTransaction identifier resulting from 3D Secure 2 authentication. This field must be supplied for Mastercard Identity Check.
'eciFlag'
stringThe value of the electronic commerce indicator (ECI) flag, which indicates the outcome of the 3DS authentication.
Accepted values for Mastercard:
00
= Failed or not attempted01
= Attempted02
= Success04
= Data-Only (Applies to limited processors)
Accepted values for all other card brands:
07
= Failed or not attempted06
= Attempted05
= Success
'threeDSecureVersion'
stringThe version of 3D Secure authentication used for the transaction. Required
on Visa and Mastercard authentications. Must be composed of digits separated
by periods (e.g. 1.0.2
).
'xid'
stringTransaction identifier resulting from 3D Secure authentication. Uniquely identifies the transaction and sometimes required in the authorization message. Must be base64-encoded. This field will no longer be used in 3D Secure 2 authentications.
'token'
stringExamples
Update billing address
To update the existing billing address when updating a payment method use the updateExisting option. If any other payment methods are associated with the same billing address, this will also update the billing address for those payment methods.
- PHP
$result = $gateway->paymentMethod()->update(
'the_token',
[
'billingAddress' => [
'streetAddress' => '100 Maple Lane',
'options' => [
'updateExisting' => true
]
]
]);
If the payment method can't be found, you'll receive a Braintree\Exception\NotFound
exception.
New billing address
If you don't use the updateExisting option, a new address will be created. The existing billing address will remain in the Vault associated with the customer.
- PHP
$result = $gateway->paymentMethod()->update(
'the_token',
[
'billingAddress' => [
'firstName' => 'Drew',
'lastName' => 'Smith',
'company' => 'Smith Co.',
'streetAddress' => '1 E Main St',
'region' => 'IL',
'postalCode' => '60622'
]
]
);
Update with existing billing address
If a customer already has an address you'd like to use, you can update the payment method with that address.
- PHP
$result = $gateway->paymentMethod()->update(
'the_token',
[
'billingAddressId' => 'theBillingAddressId'
]
);
Updating a PayPal account token
The only fields that may be updated on a PayPal account are the token associated with that account, and setting the account as the default payment method for a customer.
- PHP
$result = $gateway->payPalAccount()->update($originalToken, [
'token' => $newToken
]);
Make default
If the payment method is a credit card or PayPal account, you can use this call to set the payment method as the customer's default. For all other payment method types, use defaultPaymentMethodToken on Customer: Update
instead.
- PHP
$updateResult = $gateway->paymentMethod()->update(
'the_token',
[
'options' => [
'makeDefault' => true
]
]
);
Card verification
By default we will run credit card validations but not perform verification . Braintree strongly recommends verifying all cards before they are stored in your Vault by enabling card verification for your entire account in the Control Panel. If you choose to manually verify cards, set verifyCard to true .
If you have AVS/CVV checks enabled, they will be performed when you call the payment method update. To skip these checks, set verifyCard to false.
- PHP
$result = $gateway->paymentMethod()->update('the_payment_method_token', [
'paymentMethodNonce' => nonceFromTheClient,
'options' => [
'verifyCard' => true
]
]);
Updating with a nonce and additional parameters
When updating the credit card information with a nonce, you may pass additional parameters to update as well. Here is an example of updating a payment method and explicitly verifying the card.
- PHP
$result = $gateway->paymentMethod()->update(
'the_token',
[
'paymentMethodNonce' => nonceFromTheClient,
'billingAddress' => [
'firstName' => 'Drew',
'lastName' => 'Smith',
'company' => 'Smith Co.',
'streetAddress' => '1 E Main St',
'region' => 'IL'
]
]
);
To verify the AVS information of an existing payment method, pass the update request with verify_card
set to "true". Note that an update will create a transaction, so if your processing options are set to reject transactions without CVV, you will need to include CVV as a parameter, or disable this rule (see below).
To disable the CVV requirement:
- Log into the Control Panel
- Click on the gear icon in the top right corner
- Click Fraud Management from the drop-down menu
- Next to CVV, click the Options link
- Under the Reject Transactions & Verifications If section, uncheck the CVV Not Provided (I) box
Payment method nonces vs. raw card data
While it is possible to pass both raw card data and a payment method nonce in the same call, we recommend passing only a payment method nonce.
Passing both will result in a payment method that has a mix of their attributes, with precedence given to the fields individually, then to the attributes of the payment method nonce. For example, if you pass both a card number and a payment method nonce, the payment method will have the number you passed explicitly, but the rest of the attributes will be obtained through the nonce.