We were implementing Store Card flow with our existing SCA-enabled payments with Web Payments SDK. During testing with several Test cards from Sandbox Payments Docs The one Visa (4811 1100 0000 0008) with challenge type “No Challenge with Failed Verification” was successfully charged.
There was no challenge prompt as obvious. I thought it would also fail as “Failed Verification” but it was successfully charged.
However, after successful payment, the flow continues to store the card but there it failed with the following error “CARD_DECLINED_VERIFICATION_REQUIRED - Card declined. A verification is required to process this payment.” when creating the card with /cards API.
What should we show to the customer?
Maybe “Your card was successfully charged but was not able to store for future payments.”?
Due to what reason? we can’t show the message as Square returned “Card declined. A verification is required to process this payment.” because card was not declined at first and it was charged.
Is there any explanation? and a clue to about what’s the right way to do it?
Yes, a message like, “Your card was successfully charged but was not able to store for future payments,” would be appropriate for this scenario.
An important aspect of the SCA flow is that Square is only capturing the verification details and passing those along to the card providers who actually validate that information and decide what to do based on that. Those card providers may have different criteria for whether to accept a payment or card storage request, and failed verification does not necessarily always mean that the request is explicitly rejected — in some scenarios, the card provider may decide that there is sufficient information to determine that it’s a valid request despite mismatched verification information.
Alright; showing the message is of course a last resort but the problem is with the response which is not expected as documented. I didn’t use just any random card that would have resulted in a different response. When I am testing with the test cards, they must result in the response as documented for appropriate error handling. When a test card is not resulting in a as documented, how can I just assume what you explained or what SCA policy explains.
I hope I made my point. or it will be better if you could explain what should I expect from the following test card. I expect it to fail while attempting a charge due to failed verification, which just did not happen.
4811 1100 0000 0008 (No Challenge with Failed Verification)
