Closed Paratron closed 8 years ago
@Paratron the tokenizeCard
method provided by our raw api client is designed in such a way to allow developers the ability to use any validation mechanism they so choose. In our products such as Drop-in and Hosted Fields this validation is handled for you. If you would like to handle your own validation and card type detection, we have a couple libraries to help you do that:
https://github.com/braintree/card-validator https://github.com/braintree/credit-card-type
Also, these blog posts may be of some interest as well:
https://www.braintreepayments.com/blog/building-an-open-source-payments-toolkit-for-the-web/ https://www.braintreepayments.com/blog/your-checkout-our-iframes/
Thats a nice information, thank you. Sadly, your documentation lacks this information completely. There is no notice about tokenizeCard
not doing any verification (I would have assumed that it does at least refuse nonsense input) in the docs and also no links about that there are other libraries for validations available.
@Paratron we have made some updates to our documentation to clear up these points and that should be released soon. Thanks for your feedback, it was very helpful!
When processing credit card payments, the
tokenizeCard
method always returns a nonce, no matter what data is passed to it. If you send a malformed cc-number, no number at all, or invalid expiration dates - the braintree server always returns a nonce.Only at the point where you try to process a payment with the received nonce, you will get an error from braintree.
There really needs to be a
validateCardNumber
method in the SDK that can pre-check the entered CC-data before sending it somewhere (for example using the Luhn algorithm) - or maybe even the braintree server itself returning an error when you call thetokenizeCard
method and try to tokenize malformed cc-data.It would be great if there would be live-errors for:
To give users some live feedback before trying to finish the whole process with invalid cc information.