Tokenization vs. validation
Credit cards are not automatically validated upon token creation. A successful Create Token request means a card has a valid number pattern according to its expiration date and the Luhn algorithm. It also means a token was successfully created in the PaymentsOS system. However, it does not mean the card is able to make payments successfully. This is because a Create Token API request does not send the card to be validated by a card issuer.
Validation via authorization
A small-amount transaction can be made to verify the card is able to make payments. In order to validate a credit card, you can create a token, then grab the token and the encrypted CVV from the response. Pass these along in a Create Authorize request. A successful authorization means the card issuer has approved the transaction and the card is valid. A failed authorization means the card issuer has rejected the transaction and the card may not be valid for future payments.
We recommend using a small amount for the authorization, and then voiding the transaction. The cardholder may see a "charge" on his card for the authorization amount; however, you can assure the cardholder that this is merely temporary and the "charge" should disappear soon.