Modification of Sagepay Tokens module to accept non-token payments
We are currently using the Sagepay Tokens module on our WHMCS installation but have a number of clients who do not wish to store card details at all and log in every time an invoice is due to make a fresh card payment.
Because the existing module will only use a token, if the customer opts to not save their card details (which auto generates a token), they get a "card declined message" and in the billing gateway, we get:-
Status => MALFORMED
StatusDetail => 3051 : The CardNumber field is required.
The only way around it at the moment is for the customer to save their card details first in their client area (which generates a token from sagepay), then go and pay the invoice and then return back to the card details section in the client area and delete them. This doesn't present a very easy order journey for the customer.
I have spoken to Sagepay and they have said that if a token isn't required then you need to pass the variable "CreateToken=0" to them meaning that their system will just process a card payment as normal but no token will be returned to be stored in the WHMCS database.
Logically, this should happen if the customer selects the "do not save card details" tick box on the WHMCS checkout page.
This is clearly a long standing issue - see post 7 (exactly the same issue) on the following page:-
It seems a fairly straightforward to fix to me but Support have said it is not a bug but should be presented as a new feature request - in my opinion the feature should have existed in the first place as clearly the scenario above wasn't thought about!
If anyone else has any thoughts on how this issue can be resolved without using multiple payment modules (token and non-token) then I would be interested to hear them.