Oct 29, 2018

Why Can’t I Store the Credit Card Security Code on an Account/Reservation?


Why Can’t I Store the Credit Card Security Code on an Account/Reservation?


One of the terms of PCI-DSS explicitly prohibit merchants from storing credit card security codes otherwise known as CVV/CVC.

“A Card Verification Value code, CVV, (CVV2 for Visa, CVC2 for MasterCard and CID for AMEX) is the three or four digit number located either on the front or back of a credit or debit card. Merchant’s can request the CVV code from card holders as another way to screen fraudulent transactions. The idea is that someone using a stolen credit card is less likely to have this code so they will be unable to complete the transaction. With most payment systems, you can adjust settings to automatically reject transactions where the CVV code does not match the card number.

The effectiveness of this code is limited to the ability to keep it out of the hands of criminals, which is why it is prohibited by PCI Standards from being stored. For merchants who charge customers on a recurring basis, the CVV code can be used with the initial transaction but cannot be stored for future transactions. The use of the CVV code does not affect the rate you are charged. It only helps with reducing fraudulent transactions by verifying the identity of your customers. The CVV code is not needed to handle chargeback requests. So if you’re currently storing CVV numbers, it may be a good idea to reassess your procedures and delete them from your system as soon as possible. Here is a simple graph demonstrating what can and cannot be stored.”

The above information was written by Bryan Johnson for Braintree Payments

In Limo Anywhere, this means that you can enter a CVV/CVC code in the Payments window when processing a payment, but you can not store it for future use. When storing a Credit Card to a reservation or account, the CVV/CVC field is not available.

Limo Anywhere is PCI-DSS Certified as of November 2014.