Reaction: Incorrect Card Validation in payments-authnet

Created on 1 Mar 2018 · 4Comments · Source: reactioncommerce/reaction

Your documentation mentions that "by default" it checks to make sure the number is between 12 and 19 digits. See here: https://docs.reactioncommerce.com/reaction-docs/master/payment-packages-authnet

However, this is not the case. In the schema it checks for 12-19 digits.

https://github.com/reactioncommerce/reaction/blob/766c97ebfacec67afecedb021cb3bac79658d1f1/imports/plugins/included/payments-authnet/lib/collections/schemas/authnet.js#L48-L53

However, in the method it checks for 14-16 digits.

https://github.com/reactioncommerce/reaction/blob/766c97ebfacec67afecedb021cb3bac79658d1f1/imports/plugins/included/payments-authnet/server/methods/authnet.js#L46

bug

Source

zikeji

Most helpful comment

I feel like we need to refactor some of these checks into some common helpers, etc. because I bet this is also inconsistent in other payment methods.

zenweasel on 1 Mar 2018

👍2

All 4 comments

@zikeji Does this result in an actual problem for you (i.e. rejecting a valid card) or are you just pointing out an inconsistency?

zenweasel on 1 Mar 2018

I feel like we need to refactor some of these checks into some common helpers, etc. because I bet this is also inconsistent in other payment methods.

zenweasel on 1 Mar 2018

👍2

@zenweasel During my testing of the Authorize.net payment gateway it did impact me. The test numbers they give you to test certain API responses all are 13 digits. In addition, a 13 digit Visa is a valid length.

zikeji on 2 Mar 2018

@zikeji Thanks for the feedback. Based on your that bumping up to impact-major

zenweasel on 5 Mar 2018

Was this page helpful?

0 / 5 - 0 ratings