<br><br><div><span class="gmail_quote">On 10/20/05, <b class="gmail_sendername">trixter aka Bret McDanel</b> <<a href="mailto:trixter@0xdecafbad.com">trixter@0xdecafbad.com</a>> wrote:</span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
On Thu, 2005-10-20 at 21:44 -0700, snacktime wrote:<br>> The name is not used for card verification. Never has been. You<br>> might be using software or an internet gateway that requires it, but<br>> that information is not sent in the authorization request to the bank,
<br>> and it's not required. I've certified to just about every bank<br>> network there is in the US, and I've never seen a specification yet<br>> that requires the cardholders name.<br>><br>> And that being the case, it doesn't matter what you send in the name
<br>> field.<br><br>Hmm.. when I wrote code to directly talk to the banks we had to send it<br>and the name would cause problems if it didnt match. This was not to a<br>gateway this was software for the gateways. And now with fraud concerns
<br>being higher I would assume its more critical. Keep in mind this is not<br>for transactions where the card is present, on those the physical aspect<br>of the card is used (however secure that is supposed to be).<br></blockquote>
</div><br>
When you say software for the gateways, you mean you integrated with
third party software that connected to one of the processing
networks? Do you remember the name of the network that was
used? I guess there could be a network that checks the name, but
I'd have to see it to believe it. Vital, Firstdata, Global
Payments, Paymentech, Nova.. None of those are capable of
checking the cardholder name. And together they probably make up
over 95% of all card processing in the US. <br>
<br>
So even if there is some obscure processor that can check the name,
it's not the norm. Now if you are connecting to someone below the
major processing networks that adds on their own checks, that's a
different story. However most internet gateways dont' check the
name. Verisign doesn't, authorizenet doesn't, we don't.<br>
<br>
Chris<br>