[freeside-commits] branch FREESIDE_3_BRANCH updated. 39d548ee2abd261b399a94f3958ec1cf0cbbe557

Jonathan Prykop jonathan at 420.am
Sat May 28 17:11:36 PDT 2016 

The branch, FREESIDE_3_BRANCH has been updated
       via  39d548ee2abd261b399a94f3958ec1cf0cbbe557 (commit)
       via  246fe26e15bfcb9783f4e69ac03fd12d7528dbeb (commit)
      from  b43dc5871854ed8662f75f5ee00229bd761bedd4 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 39d548ee2abd261b399a94f3958ec1cf0cbbe557
Author: Jonathan Prykop <jonathan at freeside.biz>
Date:   Sat May 28 18:42:30 2016 -0500

    RT#57135: Credit card validation: take action based on AVS response [warnings in system log, v3 merge]

diff --git a/FS/FS/cust_main/Billing_Realtime.pm b/FS/FS/cust_main/Billing_Realtime.pm
index 419045a..f5b96f2 100644
--- a/FS/FS/cust_main/Billing_Realtime.pm
+++ b/FS/FS/cust_main/Billing_Realtime.pm
@@ -1924,6 +1924,8 @@ sub realtime_verify_bop {
     }
   }
 
+  my $log = FS::Log->new('FS::cust_main::Billing_Realtime::realtime_verify_bop');
+
   if ( $transaction->is_success() ) {
 
     $cust_pay_pending->status('authorized');
@@ -1968,6 +1970,7 @@ sub realtime_verify_bop {
       my $e = "Authorization successful but reversal failed, custnum #".
               $self->custnum. ': '.  $reverse->result_code.
               ": ". $reverse->error_message;
+      $log->warning($e);
       warn $e;
       return $e;
 
@@ -2006,6 +2009,7 @@ sub realtime_verify_bop {
     # Neither address nor postal code matches N N N N
 
     if (my $avscode = uc($transaction->avs_code)) {
+
       # map codes to accept/warn/reject
       my $avs = {
         'American Express card' => {
@@ -2059,13 +2063,18 @@ sub realtime_verify_bop {
       my $cardtype = cardtype($content{card_number});
       if ($avs->{$cardtype}) {
         my $avsact = $avs->{$cardtype}->{$avscode};
+        my $warning = '';
         if ($avsact eq 'r') {
           return "AVS code verification failed, cardtype $cardtype, code $avscode";
         } elsif ($avsact eq 'w') {
-          warn "AVS code verification did not occur, cardtype $cardtype, code $avscode";
+          $warning = "AVS did not occur, cardtype $cardtype, code $avscode";
         } elsif (!$avsact) {
-          warn "AVS code verification did not occur, unknown avscode, cardtype $cardtype, code $avscode";
+          $warning = "AVS code unknown, cardtype $cardtype, code $avscode";
         } # else $avsact eq 'a'
+        if ($warning) {
+          $log->warning($warning);
+          warn $warning;
+        }
       } # else $cardtype avs handling not implemented
     } # else !$transaction->avs_code
 
@@ -2092,7 +2101,9 @@ sub realtime_verify_bop {
       $self->payinfo($transaction->card_token);
       my $error = $self->replace;
       if ( $error ) {
-        warn "WARNING: error storing token: $error, but proceeding anyway\n";
+        my $warning = "WARNING: error storing token: $error, but proceeding anyway\n";
+        $log->warning($warning);
+        warn $warning;
       }
     }
 
diff --git a/FS/FS/log_context.pm b/FS/FS/log_context.pm
index 718b4d5..ddea771 100644
--- a/FS/FS/log_context.pm
+++ b/FS/FS/log_context.pm
@@ -9,6 +9,7 @@ my @contexts = ( qw(
   bill_and_collect
   FS::cust_main::Billing::bill_and_collect
   FS::cust_main::Billing::bill
+  FS::cust_main::Billing_Realtime::realtime_verify_bop
   FS::Misc::Geo::standardize_uscensus
   Cron::bill
   Cron::upload

commit 246fe26e15bfcb9783f4e69ac03fd12d7528dbeb
Author: Jonathan Prykop <jonathan at freeside.biz>
Date:   Fri May 27 01:36:15 2016 -0500

    RT#57135: Credit card validation: take action based on AVS response

diff --git a/FS/FS/cust_main/Billing_Realtime.pm b/FS/FS/cust_main/Billing_Realtime.pm
index 2a9e869..419045a 100644
--- a/FS/FS/cust_main/Billing_Realtime.pm
+++ b/FS/FS/cust_main/Billing_Realtime.pm
@@ -1973,6 +1973,102 @@ sub realtime_verify_bop {
 
     }
 
+    ### Address Verification ###
+    #
+    # Single-letter codes vary by cardtype.
+    #
+    # Erring on the side of accepting cards if avs is not available,
+    # only rejecting if avs occurred and there's been an explicit mismatch
+    #
+    # Charts below taken from vSecure documentation,
+    #    shows codes for Amex/Dscv/MC/Visa
+    #
+    # ACCEPTABLE AVS RESPONSES:
+    # Both Address and 5-digit postal code match Y A Y Y
+    # Both address and 9-digit postal code match Y A X Y
+    # United Kingdom – Address and postal code match _ _ _ F
+    # International transaction – Address and postal code match _ _ _ D/M
+    #
+    # ACCEPTABLE, BUT ISSUE A WARNING:
+    # Ineligible transaction; or message contains a content error _ _ _ E
+    # System unavailable; retry R U R R
+    # Information unavailable U W U U
+    # Issuer does not support AVS S U S S
+    # AVS is not applicable _ _ _ S
+    # Incompatible formats – Not verified _ _ _ C
+    # Incompatible formats – Address not verified; postal code matches _ _ _ P
+    # International transaction – address not verified _ G _ G/I
+    #
+    # UNACCEPTABLE AVS RESPONSES:
+    # Only Address matches A Y A A
+    # Only 5-digit postal code matches Z Z Z Z
+    # Only 9-digit postal code matches Z Z W W
+    # Neither address nor postal code matches N N N N
+
+    if (my $avscode = uc($transaction->avs_code)) {
+      # map codes to accept/warn/reject
+      my $avs = {
+        'American Express card' => {
+          'A' => 'r',
+          'N' => 'r',
+          'R' => 'w',
+          'S' => 'w',
+          'U' => 'w',
+          'Y' => 'a',
+          'Z' => 'r',
+        },
+        'Discover card' => {
+          'A' => 'a',
+          'G' => 'w',
+          'N' => 'r',
+          'U' => 'w',
+          'W' => 'w',
+          'Y' => 'r',
+          'Z' => 'r',
+        },
+        'MasterCard' => {
+          'A' => 'r',
+          'N' => 'r',
+          'R' => 'w',
+          'S' => 'w',
+          'U' => 'w',
+          'W' => 'r',
+          'X' => 'a',
+          'Y' => 'a',
+          'Z' => 'r',
+        },
+        'VISA card' => {
+          'A' => 'r',
+          'C' => 'w',
+          'D' => 'a',
+          'E' => 'w',
+          'F' => 'a',
+          'G' => 'w',
+          'I' => 'w',
+          'M' => 'a',
+          'N' => 'r',
+          'P' => 'w',
+          'R' => 'w',
+          'S' => 'w',
+          'U' => 'w',
+          'W' => 'r',
+          'Y' => 'a',
+          'Z' => 'r',
+        },
+      };
+      my $cardtype = cardtype($content{card_number});
+      if ($avs->{$cardtype}) {
+        my $avsact = $avs->{$cardtype}->{$avscode};
+        if ($avsact eq 'r') {
+          return "AVS code verification failed, cardtype $cardtype, code $avscode";
+        } elsif ($avsact eq 'w') {
+          warn "AVS code verification did not occur, cardtype $cardtype, code $avscode";
+        } elsif (!$avsact) {
+          warn "AVS code verification did not occur, unknown avscode, cardtype $cardtype, code $avscode";
+        } # else $avsact eq 'a'
+      } # else $cardtype avs handling not implemented
+    } # else !$transaction->avs_code
+
   } else { # is not success
 
     # status is 'done' not 'declined', as in _realtime_bop_result

-----------------------------------------------------------------------

Summary of changes:
 FS/FS/cust_main/Billing_Realtime.pm |  109 ++++++++++++++++++++++++++++++++++-
 FS/FS/log_context.pm                |    1 +
 2 files changed, 109 insertions(+), 1 deletion(-)

More information about the freeside-commits mailing list