SagePay Token payments Malformed

[sensedavid]

Hi,

 

Just wondered if anyone else is having problems accepting payments via SagePay Token after 5.2.2 update today?

 

Customers are told when making a payment - "Remote Transaction Failure. Please Contact Support." error to customer.

 

Live SagePay control panel says "Either an INVALID or MALFORMED response was returned. " delivery and cardholder addresses are blank. I believe cardholder address should be submitted to Sage normally

 

Thanks

David

[sensedavid]

Quick fix seems to be to revert /modules/gateways/sagepaytokens.php to version 5.1.4. This gets initial payments to work again, not sure about repeat payments yet though

 

Thanks

David

[DigitalEnigma]

Hi,

 

This is broken with 5.2, it was reported during the beta. Matt is looking into fixing this module. I'm currently waiting on an update from him for this.

[DigitalEnigma]

Hi,

 

I've been testing an updated module provided by Matt, this is working bar the removal of the token if a customer wishes to remove their card details, selects to not store them or we as admin remove them.

 

I have a support case logged with SagePay for this as the correct details are being passed by the module but for some reason it is returning an error that the token was not created by our vendor name.

 

Hopefully they'll have some answers on this so Matt can push the new module soon.

[sensedavid]

Hi Neil,

 

Matt has emailed me a fix tonight which i've installed and I am just waiting to see if auto payment go through in the morning and let you know. Not sure if this will be the same copy.

 

Thanks

David

[DigitalEnigma]

Hi David,

 

It may well be, hoping for a quick solution from SagePay to fix the token removal then the module should all be working.

[SteveTalbot]

Hi all,

 

I experienced a problem today with v5.2.5, when I tried paying an invoice as our test client. I chose the option not to store the card details, and I got the following response in the gateway log:

 

SagePay Tokens 3DAuth

VPSProtocol => 2.23

Status => MALFORMED

StatusDetail => 3051 : The CardNumber field is required.

 

Credit/Debit Card Remote Storage

VPSProtocol => 2.23

TxType => TOKEN

Status => MALFORMED

StatusDetail => 3051 : The CardNumber field is required.

 

But when I allowed WHMCS to store the card details, the transaction worked OK.

 

So if anyone else experiences the same issue, the fix is to go into Setup, General Settings, Security and untick the box next to "Allow Client CC Removal".

 

If you want to allow clients to make single payments by card, I guess the solution is to set up one of the other SagePay payment gateways as well.

 

Hope this is helpful to someone.

 

Cheers,

Steve

[sensedavid]

Hi Steve,

 

Surely this is bypassing the token system and storing in your mysql database instead of just a token?

 

Thanks

David

[DigitalEnigma]

Hi,

 

With the token module it only stores the token, last 4 digits, expiry date. I believe it also stored the start date and issue number if you have those enabled.

 

If you select to not store card details even though this module is not actually storing them then WHMCS will not store the token details.

 

If you allow clients to remove their card details it will remove the token both in WHMCS and from the sagepay servers.

 

@SteveTalbot I believe the errors you were getting is due to the legacy code in the token module to convert from the old none token gateway to a token - though I have advised Matt this will not work and have sent them an updated module with a number of fixes - not sure they will use the updated module in the next release or provide it to anyone else.