Closed ataldev closed 1 year ago
H4wKs
commented
1 year ago Hi @ataldev ,
MangoPay API do not provide you the CVV of the card, so would have to save / store that information on your own, and then ask for it before calling a Payin with that specific registered card.
Another idea is to ask user to authenticate himself when he want to make a payment, so he can't do a payment being just authenticated with a remember me cookie.
Cheers,
Marc
ataldev
commented
1 year ago Of course the user will be authenticated to choose their card. In almost every other website that I use as a user, I am asked for my cvv before the payment. I thought it would be a good idea to add this layer of security. Also, I don't think we can save the CVV on our own server since that goes against the rules.
H4wKs
commented
1 year ago Of course the user will be authenticated to choose their card.
What I meant was "Strong Authentication" or "Reinforce authentication". Like if you leave your session unattended, even if someone try to pay because you are already logged in, it would ask you to authenticate yourself again or send a code by sms or email to be able to do the payment.
In almost every other website that I use as a user, I am asked for my cvv before the payment. I thought it would be a good idea to add this layer of security.
I agree, but the strong authentification can do the trick even if it's less user friendly.
Also, I don't think we can save the CVV on our own server since that goes against the rules.
True !
I have saved cards for a user and before making a PayIn, I want the user to type in the CVV to make sure. I can not find any piece of information regarding this. Not even ChatGPT could come up with an answer.