I'm working on a project that needs to be have the credit card payment integration, we want to use elavon.com API. One of the requirement states that we need to record the credit card information during order, manually approve/ reject each order & charge the card only when the order has been manually approved.
The question is can we do something like this with Elavon? & is it the right approach for this task, as I know there are many security risks with this.
I read about getting a token from the API and storing the token instead of storing the credit card information. Any direction/ guidance in this direction is highly appreciated.
Related
As I know every time when user add the same card to ApplePay/GooglePay it’s create a new token. When I read payment data over nfc is it have any tag to identify user? It’ mean any constant data for any token which link to physical card? Thanks
There is Payment Account Reference for this purpose. There are some limitations of its availability and ability to link to original card, so it's really a complex topic that cannot be limited to card-terminal interface, but involve other systems as well.
I'd advise that you discuss this with payment schemes.
We would like to implement a payment solution where end users can send money to other users, merchants (e.g Walmart, shop vendors).
(Payment service to send money to shop vendors (e.g Wallmart), Person, POS)
e.g Nowadays we send money via NFC, by scanning QR Code, etc.
Is there any possibility to implement such solutions?
General Application flow:
Customer registers on the app.
Connect their bank account, add their Debit Card.
Can pay to anyone via NFC, scanning QR code.
I didn't find anything yet but exploring: https://developer.mastercard.com/
Your thoughts?
We found a 3rd party service (Card issuing) Marqeta to solve our problem. Using the API we can do the following:
We can issue cards to Users (Virtual, Tokenized, Physical)
Users can push cards to Google Pay, Apply Pay to use NFC payments.
We can keep track of transactions made by the issued cards.
I'm using Braintree for my site's payments and it works well except that when a user has selected a payment card from its chrome's history and he/she mistakenly inputs a wrong CVV the Braintree will fail the transaction (when trying to verify) but it saves the credit card and the user cannot edit him/her mistake, and only thing he/she can is to delete the CC using the Braintree's vault manager and re-enter again!
Question:
How can I make drop-in to edit the selected card when the card's verification fails?
Full disclosure: I work at Braintree. If you have any further questions, feel free to contact support.
Vault manager does not allow the ability to edit the CVV (or any values) on the cards saved to the Vault. I can certainly pass this along as a future feature request.
This does not sound like the expected behavior if you are verifying prior to Vaulting in production and have CVV rules enabled to reject if the CVV does not match. If you are running into this error in production, please reach out to our Support team with an example. If this is in sandbox, please ensure you are using a test CVV to trigger the desired response.
I'm currently interested in using Braintree to make payments from a server using credit card credentials that I currently hold to another payment server.
Currently, the payment nonce is generated by the Braintree Client SDK when a client enter in his credit card details.
However, I want to set it up such that my server, which already contains my credit card details, will generate the payment nonce and send it to another server which accepts Braintree payment nonces.
Full disclosure: I work at Braintree. If you have any further questions, feel free to contact support.
If you already have the credit card details, you can first create a payment method from those. Once you have a payment method you can treat it just like you would a nonce to create transactions.
Just keep in mind this has additional PCI concerns with raw credit card data being present on your server.
I am working on an app that requires payment to be collected from customers. I have few questions related to braintree integration with my app. I am actually struggling a bit with the workings of the braintree so thought of checking here.
The PCI compliance is critical so i do not want to store anything in my app or the backend server. Can I achieve this with braintree? I also don’t want customer to retype the credit card information when they come back to the app. As I understand there is a Vault functionality which can do this but I was not sure.
Do I invoke the braintree API from iOS app directly or do I need to first send the credit card information to my backend layer and then invoke the Braintree APIs from backend. I don’t want to transmit anything to my server due to the PCI compliance so I am hoping that I can just invoke the braintree API directly from the iOS APP and when user comes back, again invoke the braintree Vault API from the APP and pull the previously used credit card.
appreciate if anyone can pls. direct me to some kind of architecture / white paper/best practice on this. I went thru the APIs document on braintree site which provides and good API documents but i could not find the high level architecture document on this.
Thanks in advance..
Yes. https://articles.braintreepayments.com/control-panel/vault/overview
Yes use from iOS. https://developers.braintreepayments.com/ios+ruby/start/hello-client
for number three... I'm not sure where to find that. Definitely ask support