We have a number of customers who are ordering online and having their credit card as entered rejected. It's not a payment portal but simply an online ssl transaction with the cart. Happily most call us to ask why it's not taking their card. Any suggestions?
It's not a payment portal but simply an online ssl transaction with the cart.
Not clear what you mean by this. Do you mean you're using the offline.tpl payment script to collect CC data and store it on your site?
Hi. Sorry for the late response. Yes, offline, no portal, just ssl secure. People have completed their order but the cart won't accept their credit card when entered when they go to submit. When they call us to advise, There is no problem with their card processing as provided. More often than not it seems to be those browsing with Chrome too.
If you're using offline, there is no submitting other than to store the data in the payment_info area of the order. What do you see in admin? Do you have any 3rd party addons that are actively doing something during checkout? What happens when YOU place a test order? Screenshots and error messages would help, otherwise we're all just guessing. Also check your php error_log for relevant entries.
Sorry, no, the orders ARE all placed online, secured by an SSL cert. It's just that some customers get an error message that their card as entered is incorrect and, yet after, when they call us, the same card processes manually through our terminal no problem. There is something stopping their cards as entered in the order form from completing so they can't get their order to close and we don't receive it either.
Then you're not using the offline processing.
What payment processor are you using?
we process manually, Clear the order of its credit card information, save it then dlete it from the cart's history
Sorry, I'm confused so will give up now.
You said you were using offline (which supports processing manually) but then you said your customers were saying that their card data was not accepted. The offline processor will do validation of the card number, cvv and expiry BEFORE the order is submitted If there's a problem it should be alerting the customers to which fields have issues.
There must be extra spaces or other errant data in the credit card info. But again, the customers should see a red box around the field(s) with problems.
THe customers do see the red box but say that they've entered their cards accurately with no additiional spaces, characters, etc and yet it won't allow them to submit it without the error message coming back
And what version of cs-cart are you running? The card number is verified via Javascript. If you're using an old version of cs-cart and a new card, it's possible that there is a bug in their javascript. But it uses an industry standard algorithm to validate that it's a proper card number.
Our version is 4.3.6 and I just ran a test purchase usine an expired card iand it submitted no problem
Further, it is a requirement when purchasing that the customer check off that they have read, anderstand and are in agreement with our Terms & Conditions but the order when received has no indication on it that they have!
the code checks the format of the number and verifies that it's a known type (based usually on the first 4 digits). It doesn't validate the expiry, balance available or anything else. It just validates the format of the information.
The T&C's are the same. If it's checked then checkout continues. If not, it will not proceed until checked. There is no statement in the order that they agreed. It is simply a function of the process.
A payment portal no doubt would catch an expired card and reject it accordingly but we process payment manually so it would be helpful if the cart recognized the invalid card otherwise we can be victimized by a fraud. Also, too, businesses rely on the customer having read, an understanding of and being in agreement with the order terms and conditions however, if the merchant has no tangible record of the customer having indicated so (like it appearingon their order copy and ours, the credit cards will chargeback the merchant. It happens all the time. Surely this can be integrated into the coding to permit protection for the business (CS-Cart's customer)!!!
If not perhaps EZ should look into developing a solution as it apparently applies with every CS-Cart operator so your market is substantial!
Happy to develop a solution for the T&C's agreement if there's a demand or perhaps you would like this as a customization for your site.. But seems that it should be part of the core. If you can demonstrate that the checkout process would NOT place an order if they didn't check the box then that would be sufficient in most arbitration.
You'll have to try a card number in the customer checkout that you believe fails and then work with cs-cart to get the validator fixed. Of course, the customers could be missing something and it really has nothing to do with their card. If you can recreate the issue, you should submit a bug in bugtracker and change the last-4 of the card number when you submit it to reproduce the defect.
I too have noticed this same problem on a storefront the accepts offline CC payments. I use the standard offline.tpl payment script. If I enter a bogus CC# 1234 5678 9012 3456 or some other obvious fake number, the payment is accepted and there is no apparent validation of the number.
I have submitted this to CS-Cart to get this reviewed and fixed. And, I will post the results back here. This is a potential liability to my clients since it opens them up to CC fraud.
CS-Cart 4.6.2
Suggest you capture the class attribute from the cc.tpl file for the credit_card field and ensure that the input field for your offline.tpl for credit_card uses the same class name.