Problem with validating cvv

[RachelTakeuchi-minted]

I'm trying to validate a cvv for an American Express card, which expects a length of 4. I have a scenario where value=123 and maxLength=4 and I expect the cvv to not be valid, but it always says it is valid.

Does cvv validation just check for maxLength, and if it's less than that then it's valid? That doesn't make sense to me.. The problem is occurring in the min function, where it will always return the minimum DEFAULT_LENGTH if the maxLength I pass in is greater than it.

[crookedneighbor]

Hi @RachelTakeuchi-minted, it looks like our documentation around the cvv, postalCode, and the expiration date methods is incorrect. It says those return Boolean values, but instead, they return an Object with this signature:

{
  isValid: false, 
  isPotentiallyValid: true
}

So

var validityInfo = cardValidator.cvv('123', 4);
validityInfo.isPotentiallyValid; // true
validityInfo.isValid; // false

Does that help?

We'll update our documentation to correct the errors.

[jahirfiquitiva]

I'm having a similar issue... I have set maxLength to 4, but it is also considering 4 as the minLength, which means the validation checks that the CVV length is exactly the value of maxLength, which I don't think is what we expect when the property is named maxLength... I would expect any number between 1 and maxLength (4) digits to be valid.

I think this function needs an additional argument for minLength

https://github.com/braintree/card-validator/blob/4d4e4088bcfd94395ad3795de6524bff0dae7d63/src/cvv.ts#L48