That should be all that you need to do if you are using the same type of payment service. As for the payment going through with incorrect information, this can happen. First there is no check that looks at the name that is provided. The only checks are the CSC and AVS checks. So regardless if you enter in the incorrect name or expiration date, the payment can still go throgh. For example, the exp date gets passed over to the processor and then on to the card issuing bank. So they may or may not even look at the exp date, there is no real check to make sure it matches. I have seen some cards get approved and others get declined.
As for the AVS and CSC checks, keep in mind that the gateway sends them to the processor who in turns sends them to the card issuing bank. Then the response is sent back to the processor > gateway > merchants website. Again the bank will approve these transactions, they simply send back if it matches or not. Its then up to you to reject the transaction based on the response. The only way the bank declines them is if the card holder has some time of security checks set up on their acct stating the AVS and CSC must match. When you get the response back on your side that they dont match, you can either code the logic into your system to reject/credit/void these transactions or you can add on and set up filters on your PayPal or Payflow account to automatically do this for you.