CreditCardVerification_3 verifies that a credit card number is valid (Validation), or verifies that a credit card is approved by the credit card vendor (Authorization). Also, this procedure performs reversal on already obtained approval code (Authorization reversal) from the credit card vendor. This transaction is available on both the Apollo and Galileo systems.
For Validation function, the credit card number and the CVV number (security code) are validated for the proper format. For example, a Visa card number is validated to confirm that it is 16 digits and begins with the digit "4". No data is sent to or received from the credit card vendor.
For Authorization/Reversal, the approval of the credit card is verified with the credit card vendor, the card is decremented by the requested value, and an approval code is returned. Client applications have the option of adding the CVV number for credit card authorization. See Credit Card CVV/CSC for details.
Credit card authorization must be used according to the requirements of the carrier that is be processing the card, as well as the requirements of the credit card vendor. Clients using this transaction in their applications must ensure that they understand these requirements before using the Galileo by Travelport Travel Distribution Services company (a subsidiary of Travelport) credit card authorization/reversal functionality. In particular, clients must note that Galileo by Travelport obtains authorization on behalf of the plating carrier, not the agency or travel provider. Galileo by Travelport does not participate in billing for the card. Billing is performed by the airline or by BSP on behalf of the airline.
Note: Galileo does not provide:
The CVV (Credit Card Validation Value), also known as the Card Security Code (CSC), is a three- or four-digit code embossed or imprinted on the reverse side of Visa, MasterCard, and Discover cards. The CVV displays on the front of American Express cards.
The CVV is an important security feature for travel providers who accept credit cards as a form of payment. In the card-not-present sales environment, the CVV helps to verify that the customer has a legitimate card in their possession at the time of the order. The usage of CVV is strictly optional, but highly recommend.
Each credit card entity has their brand name for the CVV:
Note: Diners Club is implementing the support of CVV as part of their alliance with MasterCard. However, this feature may not be currently available for a specific transaction request due to card re-issue timeframes.
In a transaction request, Galileo sends a message to the credit card vendor requesting authorization and CVV verification (when the CVV is present). The value ‘4’ from the card additional data indicator list is used for CVV processing (<CreditCardFOP>/<AdditionalInfoAry>/<AdditionalInfo>/<ID>). The transaction response also supports the additional CVV response code data, based on the card type used.
The response varies by credit card vendor:
Client applications have the option of adding CVV codes when accepting a credit card payment. Because this functionality can return new error responses from the CRS, clients may need to amend their automation processes or systems before implementing this transaction.
Payment card industry rules strictly prohibit the storage, usage, and display of the CVV data in profiles, booking files, or any database. The storage of the CVV is strictly prohibited subsequent to authorization. Therefore, Galileo does not provide the ability to store the CVV code in PRO-Files/Client Files, or to allow this data to be entered in any form of payment.
Note: Travel providers are encouraged to develop decision support criteria to govern payment acceptance and ticket delivery when a CVV response cannot be matched, processed, or is declined by the card vendor. Typically, if the CVV is rejected, or the authorization is refused, the travel provider should phone the credit card vendor for authorization. Frequently, when authorization attempts through Galileo are refused, a subsequent telephone request results in authorization. This authorization occurs because credit card vendors are able to ask for more information during the telephone call than can be provided in the CreditCardVerification_3 transaction response.
API Developer Notes can assist you when developing applications that use Galileo Web Services and XML Select. The following table lists the API Developer Notes that are applicable to this transaction and provides a description. Each document is a link to the PDF file:
|
Document |
Description |
|
Overview of the air shopping process and the associated Galileo Web Services transactions. |