TransWikia.com

Why do some online stores not ask for the 3-digit code on the back of my credit card?

Personal Finance & Money Asked on July 11, 2021

How is it that some e-commerce stores are able to process credit card transactions without getting the 3 (or 4-) -digit security code from the back of my credit card?

What value does this code add if it’s optional in the end?

credit cardsecurity

7 Answers

As a general premise:
In most of the online transactions in case of dispute the benefit of doubt is given to the customer. IE if the customer refuses to pay and claims that its not his transaction, the card company reverses the charges and does not pay the merchant (or recovers if its already paid).

There are many types of online vendors who use a variety of methods to ensure that they are not at loss. Some of these are:

  1. Ensuring entry of 3-4 digit CVV indicating that if someone used the card, he was in possession of it. However anyone at a POS while swiping the card can make a note of this and misuse the card.
  2. Additional address/ZIP code validation. This ensure slightly better protection that for a misuse, the card number, the CVV, the address need to be known.
  3. In spite of this online merchants Factoring in the probable loss due to fraud and marking up the price of the product to that extent.
  4. Certain merchants like say Netflix is not bothered about any validation as their service involves delivering a movie to the doorstep everyday and they would know the customer much better and can easily track down errant subscribers. Plus the cost of fees is for a month of service recovered in advance. This may hold good for one time occassioanal delivery by say Amazon as the cost of tracking and getting back the goods is high. Even if the subscriber makes away with a DVD on the first go, the loss to Netflix is just the cost of DVD copy though the gain to thief may be the market price of such DVD.
  5. Similar is the case with say Norton or other virus service providers, they would simply deactivate the product code (if paid by card and later refused) when you go online and the purchase would be of no use.
  6. The online industry is also plagued with cases where the transactions are actually made by card owners, who after enjoying the services dispute the claim with the card providers.
  7. Certain countries like India have now mandated that all online card transactions be validated by additional password apart from card number and CVV. The password needs to be generated by contacting the merchant bank before online transactions are allowed. Of course there is still a debate if the merchant is outside India, why should he comply with the additional norm. If an card issued outside India is used in India, they may not have additional password issued by their card providers.

Correct answer by Dheer on July 11, 2021

There are different ways of credit card purchase authorizations. if some choose less secure method it's their problem. Merchants are charged back if a stolen card is used.

Answered by Vitalik on July 11, 2021

  1. They may verify the card by ZIP code, address, etc.
  2. They may accept additional risk for the sake of convenience/laziness. Since if transaction is rolled back, the merchant is the one who suffers, credit card companies would allow some merchants to get away with relaxed checks.

Answered by StasM on July 11, 2021

Some businesses verify the shipping address with the credit card company, and refuse to ship to an alternate address without additional, offline verification. Of course, this is only useful for physical goods.

Answered by KeithB on July 11, 2021

Given that the laws on consumer liability for unauthorized transactions mean no cost in most cases, the CVV is there to protect the merchant. Typically a merchant will receive a lower cost from their bank to process the transaction with the CVV code versus without.

As far as the Netflix case goes, (or any other recurring billing for that matter) they wouldn't care as much about it because Visa/MC/Amex regulations prohibit storage of the CVV. So if they collect it then it's only used for the first transaction and renewals just use the rest of the card info (name, expiration date, address).

Does the presence of CVV indicate the merchant has better security? Maybe, maybe not. It probably means they care about their costs and want to pay the bank as little as possible to process the transaction.

Answered by Jeremy on July 11, 2021

@Jeremy Using CVV doesn't decrease the transaction cost. I know this because I have quotes for CC transactions and the cost/transaction doesn't depend on using CVV. That said we don't plan to use CVV because we sell insurance and the likelihood that someone who steals CC will buy insurance is very low.

Answered by kanad on July 11, 2021

The truth is that Visa does not require a merchant to enter the cvv number before authorizing a transaction. The only information that is really needed is the credit card number and expiration date.

Answered by William Noah Alexis III on July 11, 2021

Add your own answers!

Ask a Question

Get help from others!

Recent Questions

Recent Answers

© 2024 TransWikia.com. All rights reserved. Sites we Love: PCI Database, UKBizDB, Menu Kuliner, Sharing RPP