The CVV code (Card Verification Value) is a three digit number on the back of Visa, MasterCard and Discover credit and debit cards. On an American Express, it is a 4 digit numeric code on the front of the card.
This number is used during online transactions to prove to the merchant (your payment gateway), that the card is physically present when the transaction is being submitted.
For one-time transactions, such as event tickets or merchandise sales, this is a great way to reduce the possibility of fraud and reduces risk for the receiving organization.
The problem with CVV codes and recurring donations.
If you are accepting recurring donations however, requiring a CVV code creates a major problem. The first transaction which is accepted creates the pledge schedule in your Databank and all further transactions will duplicate the intial transaction. However, PCI DSS (Payment Card Industry Data Security Standards) compliance forbids storing CVV codes.
What this means is that a recurring transaction which requires a CVV code will not recur.
The first transaction will process as expected. When the next scheduled pledge is processed, it will no longer have the CVV code which was included in the original transaction and will be denied by the issuing bank. For this reason, thedatabank recommends that for any donation page which accepts recurring donations, the Require Card Code box remain unchecked.
Please sign in to leave a comment.