Account Validation

Overview

The VGS Account Validation API allows merchants to determine if a particular cardholder’s account is valid and in good standing. The API currently provides four methods of account validation: Card Verification, Address Verification (AVS), Card Verification Code (CVC) Verification, and Name Verification (ANI). The ability to pre-validate an account increases the probability of a successful, seamless transaction flow.

This product is currently only available in North America.

Benefits of Account Validation

Account Validation is a critical security and operational process that verifies a cardholder's account is legitimate and valid before a transaction is processed. Merchants leverage this service to prevent fraud, improve operational efficiency, and enhance the overall user experience.

1. Risk Mitigation & Fraud Prevention

• Identity Assurance: By verifying that cardholder data aligns with the records on file, this service creates a robust barrier against the use of stolen credentials.

• Reduced Chargebacks: By validating accounts upfront, merchants proactively mitigate 'unauthorized transaction' claims. This leads to a significant reduction in costly chargeback fees and protects the business from associated merchant penalties.

• Pre-emptive Screening: It serves as a critical gatekeeper, intercepting fraudulent or invalid cards before they enter merchant's ecosystem or occupy space in their secure vault.

2. Improved Operational Efficiency

• Higher Authorization Rates: High-quality data minimizes declines. By submitting validated information, merchants provide issuing banks with greater transaction confidence, which directly translates to higher authorization and approval rates.

• Lower Administrative Costs: Manual resolution of payment failures is both costly and labor-intensive. By automating the validation process, merchants minimize the need for customer support intervention and streamline dunning cycles, allowing the team to focus on high-value tasks.

• Elimination of "Orphaned" Data: Validating cards prior to storage ensures your database contains only actionable, verified payment methods. This proactive approach maintains high data hygiene and optimizes the efficiency of your secure vault.

3. Enhanced User Experience

• Immediate Feedback: Real-time validation enables immediate feedback during onboarding and card linkage. By alerting customers to correct card details instantly, merchants prevent the frustration of delayed transaction failures and ensure a seamless experience.

• Reduced Friction: For recurring services (like subscriptions), successful validation ensures the first "real" billing cycle happens smoothly, preventing service interruptions for the customer.

Methods of Account Validation

Generally, the card ID is a required field in the request, which includes the Payment Account Number (PAN). The presence of other fields determines which checks are performed. See more in the Account Validation Spec.

1. Card Verification: This service verifies the account authenticity and integrity before authorization. It ensures the account is a legitimate, issued account with a valid check digit, and critically, confirms that it is an open account and not currently flagged as lost or stolen. This provides an essential foundation for fraud mitigation. Performed by default.

2. CVC Verification: The 3-4 digit Card Verification Code (CVC) is required if CVC validation is to be performed. This service is used to determine if the issuer of the account recognizes the CVC value given by the user. This will help verify that the cardholder has the physical card in their possession.

3. Address Verification: The service validates the provided billing address against the address on file with the card issuer. The resulting Address Verification Service (AVS) status provides critical data for assessing transaction authenticity. Postal code is mandatory for all address validations. While a postal code can be validated as a standalone field, full address cannot be verified without postal code.

4. Name Verification: Enhances your card-not-present fraud mitigation with Real-Time Name Match. This service allows you to verify the account name information against participating Issuers before sending a full financial request, providing a robust, layered approach to account verification and risk management.

   Name verification requires at least a Last Name. While a Last Name can be validated independently, a First Name must be accompanied by a Last Name to be verified.

How it works with VGS

• The Account Validation (AV) service utilizes direct network connectivity to cross-reference merchant-supplied cardholder data against issuing bank records in real time upon each request.

• The Account Validation (AV) service is accessible through the VGS CMP. As a prerequisite, users must generate a Card ID via the card creation endpoint. This Card ID is then used to trigger the Account Validation endpoint.

• The Account Validation API offers a modular approach, allowing merchants to access the full suite of services or specify individual features.

• By default, the API performs standard Card Verification. If a cardholder’s name, billing address, or CVC are included in the request, they will be validated accordingly.

  • Validation is performed on data explicitly provided in the API call; previously stored card object attributes are not utilized for these checks.

  • Card IDs associated with expired PANs are considered ineligible for validation.

• See the Validation Response Codes reference here.

Onboarding

1. Account Setup & Prerequisites: Before merchants can use the Account Validation (AV), their account must be configured.

   1. Enable Account Validation on Your Account: Account Validation must be explicitly enabled for your VGS account. Please contact [email protected] or merchant-designated VGS implementation representative to have this feature activated.

   2. Configure Service Account: Once Account Validation is enabled, merchants should configure their Service Account with the necessary permissions, including the account-validations:write scope (in addition to cards:read and cards:write).

2. Merchants are required to provide the following information during every request:

   1. Merchant Name

   2. Merchant Address

      1. city

      2. state

      3. country

      4. zip Code

Supported Networks

Limitations

• Only Visa cards are currently supported for sandbox testing. Other card networks (Mastercard, Amex, and Discover) are not available in the sandbox environment.