Making the Credit Card CVV Field Optional in CiviCRM

We have a client that wanted to be able to process donations when the Credit Card’s CVV numbers were not available. I had thought this field was mandatory, and indeed, CiviCRM’s AuthorizeNet payment processor package requires it. But after talking with AuthorizeNet (the company) we discovered that the field is optional.

This is a useful trick that fellow CivicActions team member and CiviCRM wizard Matt Chapman showed me. Basically, the hook_civicrm_validate() function can be used to reset an error caused by a missing field. Here’s the entirety of the civicrm_cvv module:

* This removes the requirement for the CVV field in the credit card
* Requires Matt's patch to v3.1.6 CiviCRM core (now in 3.2.x core)
* See:
function civicrm_cvv_civicrm_validate( $formName, &$fields, &$files, &$form )
return true;

If running CiviCRM v3.1.x (we were running v3.1.6) you’ll need to hack core to get this to work. Fortunately, the hack is small (and it’s included in CiviCRM v3.2+). See the link in the code for the patch.

The better way to do this would be to add a setting to the AuthorizNet.php package in CiviCRM that can turn the requirements of this field on or off for each place it appears. Such a patch would likely be accepted by the CiviCRM team as there’s a strong argument to be made that if the provider considers the field optional, then the interface package should not require it. But that’s for another day.

For now, the client is happy and I learned a good use of hook_civicrm_vlaidate() that may well come in handy again.

2017-03-31T06:20:12+00:00 Categories: Development|

About the Author:

Fen joined CivicActions as an Engineer in 2005. Bridging the gap between the technical and business aspects of projects, he has a hand in all stages of software development, from requirements gathering and analysis to specification, implementation, documentation and maintenance. Fen is a change-maker both at work and in the world community, constantly seeking solutions to make things work better — from software to social justice and beyond.

Having spent over twenty years at the leading edge of programming, networks, system architecture, and information technology, Fen combines his deep experience and inventive drive to bring valuable improvements to CivicActions teams, processes, and clients. His pivotal contributions include:

  • Developing tools to support process flow and empower distributed teams to collaborate
  • Implementing a public key management system for smooth transitions of team members
  • Co-authoring the CivicActions Security Policy to ensure the safe handling of client data
  • Adding automated testing into the tool chain for better system performance
  • Exploring the inclusion of security compliance as part of continuous integration

Fen has served many high-profile clients during his tenure at CivicActions, including Amnesty International, Buckminster Fuller Institute, Democracy Now!, the Grammys, Women’s Funding Network, CNU, Sedona, SACNAS, EJUSA, Smithsonian Institution, and FosterClub. He is currently implementing an automated compliance process as the Information System Security Officer (ISSO) for the U.S. Department of Defense Security Cooperation Agency (DSCA).

Prior to joining CivicActions, Fen made many valuable contributions to his field through the founding of two companies (OpenPrivacy and Identity Commons) and his work on the Inter-Process Communication “socket” protocol with Bill Joy at Berkeley Systems Design. He also worked for General Magic and Oracle. As a student at M.I.T., he developed the first personalized “digital newspaper,” which resulted in a grant that helped launch the M.I.T. Media Lab.

Fen earned a combined Bachelors and Masters degree in Electrical Engineering and Computer Science from the Massachusetts Institute of Technology, where he was the founder and first president of the M.I.T. Ultimate Frisbee Club. He enjoys disc golf, mountain biking, photography, and watching his teenage son play hockey.