Picture this: you’re swiping a customer’s credit card to process a mobile payment. And you’re trying to complete the transaction as quickly as possible. Maybe you’re busy and you want to serve other customers, or perhaps you just want to demonstrate to your current customer that mobile payments are indeed fast and convenient.
But in order to finish the transaction, you have to key in the credit card’s security code. What a drag. Is this step really necessary?
Actually, it is, and it’s more important than you might think.
What the Security Code Does
That three- or four-digit code on the back of a credit card is known by many names, including Card Verification Code (CVC), Card Verification Value (CVV), Card Security Code (CSC), and a few others. Since the security code is assigned to each card from a different source after the card (and its magnetic stripe data) is manufactured, it serves as a fail-safe measure to avert credit card fraud.
Merchants and card processors (including GoPayment) are prohibited from storing security codes in their databases. Once the code is confirmed during a transaction, the data is digitally destroyed.
Verifying a code acts as another level of security to prevent thieves, hackers, or unauthorized individuals from being able to use credit card information obtained by:
- hand-copying credit card numbers from invoices or credit slips
- launching phishing attacks on computer users and stealing credit card numbers typed in online
- hacking into merchant databases and downloading stored credit card numbers
Unless you ask for photo identification with every credit card purchase, entering a security code is often the only way to authenticate that the card actually belongs to the cardholder. This is especially true if you accept credit card payments over the phone or via email.
Are Security Codes Mandatory?
GoPayment requires all users who are processing mobile payments with digital devices to key in the card’s security code. This step is necessary in order to maintain security standards set forth by the Payment Card Industry Security Standards Council.
However, if a situation arises when this is not possible (such as when a code has worn down and is unreadable), credit card data can be verified through Intuit’s Merchant Service Center (although an internet connection is required). This portal employs its own security protocols to guard against credit card fraud.
So the next time you’re feeling frustrated about having to type in a card security code, consider the benefits your customer is receiving by not being subjected to fraudulent credit card charges (or possibly even identity theft). They will appreciate it.