Get cashback up to AED 2000
The card security verification code commonly known as CVV is one of the steps taken by credit card providers and online merchants to ensure that there is no case of cyber-crime related to credit cards. With the help of CVV code, online merchants and credit card companies ensure that the transaction made by the credit card is being done by the original cardholder only. The one and only way by which a cardholder can reveal the CVV code is to be in the possession of the card.
CSC or CVV was initially developed in the UK by Michael Stone who was an Equifax employee in the year 1995. In the beginning CVV code was an eleven-character alpha-numeric code that was designed and developed to enhance security associated with online transactions. Later after several phases of testing with Littlewoods shopping group and NatWest bank the system and concept were adopted by the United Kingdom Association for payment clearing services (APACS) which were later streamlined to three-digit code.
MasterCard which is one of the largest market players when it comes to credit cards began issuing CVV codes in the year 1997. Later, Visa issued CVV codes for its on their credit cards in the year 2001. American express which another big name in the credit card market began providing CVV codes in 1999 considering the substantial rise in the total number of online transactions that were being made.
Typically, the CVV code of a credit card is the last three digits printed on the back of cards near the magnetic strip. However, in the case of American Express, the CVV is a four-digit number that is printed on the front of the card on the right side. Instead of being encoded over the magnetic stripe of the card, it is printed flat. For the majority of credit cards i.e. Visa, master and discover the CVV is printed on the backside of the card next to the magnetic strip.
Primarily as a security measure, online sellers and merchants that require the CVV in case of card not physically present transactions the card issuers have rules and guidelines that prevent the CVV from being stored in the database once the transaction is authorized. This is mainly done in order to ensure optimum security even if the cards are stolen no fraudulent transaction can be made.
Payment gateways and virtual online transaction terminals do not store the CVV code of any credit card which ensures security. Employees and customer care representatives that have access to these gateways which in turn provides them access to all other card details lack the CVV. The payment card industry data security standard abbreviated as PCI-DSS prohibits the storage of CVV codes in a database after completing a transaction. This guideline is applicable to anyone who stores or makes use of cardholder’s details. Since the CVV is not present on the magnetic stripe of the card it is not used and included in case of face to face transactions that occur. Providing the CVV code in a transaction is mainly intended with the objective of verifying that the card is in possession of the owner. The right CVV ensures that the customer has seen the card.
Just like every other security measure CVV code has some limitations when it comes to ensuring one hundred percent security. Here’s a quick rundown on some of the major limitations of CVV codes on credit cards-