Word on the street is the some Merchant Services provide a discount of some sort when a credit card is processed with a CVV attached to it. Also, some cards kick back because the banks think the charge is fraud (especially when processing Club batches), which either creates a hassle for the customer as they will have to call their bank to authorize the charge prior to us WC Managers being able to re-bill their formerly declined card, or the customer never ends up calling their bank and therefore the charge never goes through and thus we’re all missing out on a sale (multiple when processing Club batches) - I would put money on that the likelihood of a bank marking a charge as fraud would decrease if the CVV was listed. Currently, the CVV field is only available whilst building an order - I feel that there is good reason to have it listed within the Manage Club page and the Manage Credit Cards page (of course, still as an optional field to use). Naturally, this would make things easier for the customer, save wineries money on credit card processing fees, and overall increase more potential sales.
Hi @K80 - we recommend checking out this article going over the details of CVV Code and PCI Compliance: https://blog.pcisecuritystandards.org/faq-can-cvc-be-stored-for-card-on-file-or-recurring-transactions
Unfortunately, we are not able to store CVV Code for recurring transactions like Club Orders due to PCI Compliance rules. These values are not needed for card-on-file or recurring transactions, and storage for these purposes is prohibited under PCI DSS Requirement 3.2.
Hope this helps and sorry for the limitations.
Hi Carisen! Ah shucks, that’s a bummer. Not even if it’s hidden/encrypted?
The purpose of the CVV is to add another layer of protection against fraudulent transactions. If a transaction database storing card numbers and expirations is ever hacked or decrypted, then they are harder to use without the CVV number. That is why PCI standards strictly prohibit the storage, otherwise, there wouldn’t be a point to even using CVV.
Totally makes sense and I appreciate as a Consumer. I guess I was just hoping that banks/credit card companies would have a way to encrypt it so it’s hack-proof so my Members don’t get a decline from “fraud” protection and I can rake more dough in. …wishful thinking.
Well, keep in mind that CVVs aren’t required. They are just another layer of protection and achieves that through being un-storable anywhere, so there isn’t the threat of them being hacked or decrypted. Because using CVV reduces risk for everybody, there are often financial incentives for businesses to go through the hassle of using it.
Truth.