cancel
Showing results for 
Search instead for 
Did you mean: 

Braintree Error Messages

0 Kudos

Braintree Error Messages

Feature request from sbrendtro, posted on GitHub Mar 24, 2017

Opening this issue, referencing #7983, as it still needs to be properly addressed.

Whenever there is a decline of any sort from Braintree, the message is not passed back to the user. Rather, the end user simply sees "An error occurred on the server. Please try to place the order again." This makes no sense, as it wasn't a server error... it was a processor decline of some sort.

We have seen this issue for "Invalid Credit Card Number", "Voice Authorization Required", and others. Pretty much any time Braintree doesn't approve the transaction, it will look like a server error to the end user. This needs to be fixed. I would do it myself, but I am having trouble figuring out exactly where in the code to override the response.

As @joni-jones mentioned, "Magento provides only high-level errors by design it allows to make an application more secure." This may be true, but telling the end user that the error is on the server, rather than an issue with the card they provided, is not acceptable. We're losing enough business over this that we're already looking at switching to another payment gateway.

Steps to Reproduce

Check out with Braintree payment option Give any payment info that will cause a decline

Expected Result

Either:

  • The response message directly from Braintree. (While this may not be the best error message 100% of the time, it certainly is better than the current error shown to the user.) This should come from the Braintree response object (response->params->message)
  • 'The payment method was declined. Please check your payment details.' (If a generic message is indeed preferable, as @jani-jones mentioned in #7983)
6 Comments
Not applicable

Comment from cowley, posted on GitHub Mar 29, 2017

We are also having the same issue. Which version of Magento are you using?

Not applicable

Comment from sbrendtro, posted on GitHub Mar 29, 2017

@cowley, from our experience this has been the case on both 2.0 and 2.1. We are currently running 2.1.4.

Not applicable

Comment from cowley, posted on GitHub Mar 29, 2017

@cowley, from our experience this has been the case on both 2.0 and 2.1. We are currently running 2.1.4.

Do you still have this issue on 2.1.4? Have you come up with a fix?

Not applicable

Comment from sbrendtro, posted on GitHub Mar 29, 2017

Yes, we still have the issue on 2.1.4.

Not applicable

Comment from KrystynaKabannyk, posted on GitHub Mar 29, 2017

hi @sbrendtro, thank you for reporting the issue! Some of error messages have been fixed by MAGETWO-53457 for 2.2.0, some errors cannot be fixed from security perspective or they come from server side. I created additional ticket MAGETWO-66917 for messages to investigate what could be improved, and MAGETWO-66918 - to investigate possible approaches for successful order placement without payment.

Not applicable

Comment from scottsb, posted on GitHub Mar 29, 2017

We have seen the same error, and while we have not implemented it yet, the approach we have in mind is to create a "around" interceptor plugin for the savePaymentInformationAndPlaceOrder method on PaymentInformationManagementInterface and PaymentInformationManagementInterface.

This would:

  1. Catch the CouldNotSaveException exception thrown by the core method
  2. If the original ("previous") exception ($e->getPrevious()) is an instance of Braintree_Exception (or if we want to be more restrictive, the particular subclass), then rethrow that original exception, allowing its message to be passed to the front-end.
  3. Otherwise, rethrow the obfuscated CouldNotSaveException.

This could be bundled into its own module and open sourced (we'll do if if we get a chance), which would be helpful in the the long term if Magento ultimately decides they don't want to reveal these messages in the core code.