API Reference

AVS with Card Query

Address Verification Service (AVS) is a fraud prevention mechanism that reduces fraud and chargebacks. The service verifies if the card issuer recognizes the address provided by a cardholder. The results of the verification will help you determine whether to accept or decline a particular transaction or take further action. AVS is effective to both reduce fraud and reduce chargebacks.
Availability: It is available worldwide.

How to use AVS

First, use the Card Query API to get the AVS Code. Depending on the response, you may elect to move forward with the transaction.

📘

Confirming Your Card is Live

First you need to get network response code of 00 or 85 (this tells you a card is live and can transact).

Example if you want both Zip and Address to match:

*NOTE: This is a pseudo-code example to provide the general idea of how to use AVS. This is not actual code that would run. This represent only a fraction of the AVS codes, please go to our AVS Response Codes page for all possible combinations

// Assuming you have retrieved the AVS response code via the Card Query API.
AVSResponseCode = queryCard();

// Both Zip and Address match. 
// Note Discover has a different response code than Visa, MC, or Amex.
if(AVSResponseCode == 'Y' && cardType == "Visa"){
	createTransaction();
  
  
} else if (AVSResponseCode == 'Y' && cardType == "MC"){
	createTransaction();
  


} else if (AVSResponseCode == 'Y' && cardType == "Amex"){
	createTransaction();
  


} else if (AVSResponseCode == 'A' && cardType == "Discover"){
	createTransaction();
  


} else {
	rejectTransaction();

}


function createTransaction(){
	// Call the create transaction API.
}

function queryCard(){
	// Call card query API, and return response code.
}

function rejectTransaction(){
	// Your process for rejecting a transaction.
}

How to check the expiration date?

When you call CardQuery with the ?AVS flag you will get the following as part of your response block:

"AVS": {  
    "avsID": "D1Xdr2dGHjGnJ0b07vcXEB",  
    "networkRC": "85",  
    "networkID": "422330486047511",  
    "resultText": "NOT DECLINED",  
    "codeAVS": "Z",  
    "codeSecurityCode": "M",  
    "EC": "0"  
  }

If you are planning on doing a pull transaction, then you want to look at the “networkRC” field. Basically, we take a preview of whether the card would be declined because of a bad exp date or other reasons. If “networkRC” is “00” then exp date should be correct. If you get a different code you can use the following page to determine the reason: Network Response Codes. You may still get a decline after this check for other reasons including, but not limited to: amount limits, other checks by the issuer, etc.

📘

Checking the expiration date is up to the issuer

It is important to note that AVS involves a message being sent to the issuer for verification. It is up to the issuer to verify things like expiration date, etc. Depending on the validation rules used by the issuer, it is possible to see a different NetworkRC at the time of transaction.

Card Query Request with AVS

In order to use this functionality, you must provide BOTH the expiration date and the address. For field descriptions, refer to Query Card.

{
    "card": {
        "accountNumber": "8505840124999998",
        "expirationDate": "202708",
        "securityCode": "999"
    },
    "owner": {
        "name": {
            "first": "Test",
            "last": "Name"
        },
        "address": {
            "line1": "999",
            "city": "San Francisco",
            "state": "CA",
            "zipcode": "99992",
            "country": "840"
        },
        "phone": {
            "countryCode": "1",
            "number": "5555555555"
        }
    },
    "currency": "840",
    "timeout": "39"
}

📘

Using Account IDs With Card Query + AVS or ANI

If you are performing AVS or ANI with the Query Card request, then you must include the Owner Object.

If you are using accountID’s we would also suggest you look at our TabaPay Account Updater (TAU) service. It will automatically keep cards refreshed for expiry dates.

Card Query Response

Here is an example response to calling Card Query + AVS.

{
  "SC": 200,
  "EC": "0",
  "card": {
    "bin": "411111",
    "last4": "1111",
    "pull": {
      "enabled": true,
      "network": "Visa",
      "regulated": true,
      "currency": "840",
      "country": "840"
    },
    "push": {
      "enabled": true,
      "network": "Visa",
      "type": "Debit",
      "regulated": true,
      "currency": "840",
      "country": "840",
      "availability": "Immediate"
    }
  },
  "AVS": {
    "networkRC": "85",
    "resultText": "NOT DECLINED",
    "codeAVS": "Z",
    "codeSecurityCode": "M",
    "EC": "0"
  }
}

Create Transaction

👍

Almost done! Don't forget to create a transaction.

Once you have examined the AVS response code and have decided to move forward with the transaction, you have to call the Create Transaction API.

AVS Check allows you to check if the address you received from your customer matches what the issuer has on file. Once you receive this information, you may decide to move forward with the transaction. Your next step is to call the create transaction API.

Create Account

It is recommend that you call Card Query + AVS before creating an account. The createAccount API does not perform any additional validations on the card, so it is possible to create an account with a bad card.

The Card Query API provides additional information about the card that can help your team decide whether or not to create an account.

Questions? Contact Sales or make a post