Another Commerce Server 2009 gotcha: implicit CreditCardPayment validation
Found out the hard way that the CreditCardPayment class has internal validation that runs when you set the ExpirationYear and ExpirationMonth properties:
- ExpirationYear must be between 1000 and 9999;
- ExpirationMonth must be between 1 and 12;
This became problematic when we integrated with Beanstream and Authrorize.NET; without PCI compliance we don’t receive the expiration date of the purchaser’s credit card.
Without hacking into the payment system and substituting in our own CreditCardPayment class we had to pick values within those ranges to represent the “empty” state.