Closed chdietz closed 9 years ago
Sure, that's fine. The marketplace is the entity that gets to make this decision (within reason), as long as their fraud levels are acceptable low. Create a Customer
with a .name
attribute, do the same for a Card
, and if they don't match, decide how you want to proceed, just as if an AVS or CVV check had failed.
I have a question on the relationship between Customer and Card, BankAccount
The documentation states: A Customer resource represents a business or person. Card and BankAccount resources may be associated to a Customer.
Is it ok for a customer to have a card associated to them that is not theirs but they have permission to use? Sounds like this is ok based on comments here: https://github.com/balanced/balanced-api/issues/627
Would this be ok: A marketplace has a customer Fred Smith. There is a card issued to Fred that has been tokenized and associated with the customer Fred Smith. A card for his sister Mary Smith has also been tokenized and associated with the Fred Smith customer. Both of these cards are used to debit orders. Is this ok? Does balanced do any validation between who the customer is and who the account holder of the card is?