Contrib.social

3D Secure data is never used in payment

Open on Drupal.org →
Created on 23 February 2024, 4 months ago

Problem/Motivation

When the createPayment function is called, the payload is not sending the validation data to Valitor.

This is a very serious problem because the purchaser has not "approved" the amount being charged and could refuse to pay it.

Steps to reproduce

Create any Payment

Proposed resolution

If this is part of the first time the process is done (User enters their cc info and the virtual card is created), 3D verification is requested. That 3D verification needs to be a part of the payload of the payment request, othervise the user hasn't "approved" this particular purchase, just a 0kr. "general" authorisation.

On all subsequent purchases, when the user buys another item, verification should be performed again, now on the Virtual card.

Remaining tasks

  • Store verification data between confirmation and approval
  • Add Virtual Card Verification
🐛 Bug report
Status

Active

Version

2.0

Component

Code

Created by

🇮🇸Iceland drupalviking

Live updates comments and jobs are added and updated live.
Sign in to follow issues

Comments & Activities

contrib.social Blog FAQ Discussions
Production build 0.69.0 2024