[Adyen Hybris plugin] [Card Payment] Stored Card recurring payment security code is mandatory

[vinaykumarpendyamext]

Describe the bug

In Delijn for the merchant Account AD_ECOM_WEB, we have configured tokenization which do not require security code for recurring payments.
we have done a POC to integrate Adyen plugin with SAP Commerce, during analysis we have observed that we are successfully able to get stored card details in drop in but when we try to make payment using stored card it throws error saying security code is required which should not be the case.

• Commerce implementation: Delijn
• SAP Commerce version: 2211
• Test Merchant Account: AD_ECOM_WEB
• Adyen Hybris plugin version: 13.0.0
• Adyen API version: 71
• Payment method: card
• environment: Test

To Reproduce

1. Go to drop in
2. Stored Card details visible
3. User clicks on Pay
4. Error thrown -> checkout.error.paymentmethod.cse.missing

Expected behavior
Payment successfully go through without asking security code.

Desktop (please complete the following information):

• OS: Windows 11
• Chrome
• Version: 131.0.6778.85

Additional context
We found that for stored payment methods the plugin requires a CVC code to be presented, security code is not mandatory for tokenize payments but the plug-in does not support this . It only supports the mandatory CVC flow. as per implementation in plugin if request contains field "storedPaymentMethodId" then it also expects "encryptedSecurityCode"
API : /checkout/v71/payments

End point: com.adyen.commerce.controllers.PlaceOrderController.onPlaceOrder(String, HttpServletRequest)
Code reference: com.adyen.commerce.validators.PaymentRequestValidator.validate(Object, Errors)
Line no: 50-55
Error: checkout.error.paymentmethod.cse.missing
this blocks payment where tokenized payment can be done without cvc

[vinaykumarpendyamext]

Can you pls look into this issue as it is of high priority from client.