Card Security: CVV & AVS

Card Verification Value

A Card Verification Value, or CVV allows enhanced security for both merchants and customers during transactions. There are two types of CVV codes, called CVV1 and 2, respectively. The CVV1 is embedded in the magnetic stripe of track 2 of a card. The purpose of the first CVV is to verify data stored on a card is valid and was issued by a bank when used in person. The second and more prominent CVV2 is a three-digit code (Visa, MasterCard) printed on the back of credit and debit cards.  American Express cards have a ‘Unique card code’ that is four-digits long and printed on the front. These codes are used in card not present transactions occurring over the Internet or Mail Order/ Telephone Order (MOTO) transactions as an added security feature to prevent fraudulent purchases. The code is meant to verify that the customer is the actual cardholder, and that they have the card in their possession.

For Merchants:

Merchants requiring CVV2 codes for their card not present transactions can dramatically reduce fraud in their businesses. Using this extra layer of protection can stop breached or fraudulent cards from going through. Avoiding potential retrievals and chargeback fees.

For Consumers:

Entering your CVV2 code when purchasing online products verifies that you are who you say you are. Under Visa regulations, merchants cannot store CVV2 codes in their databases.  This means any card numbers lost in a breach would be less useful. In this sense, a consumer is protected on both sides of a transaction, once when verifying the purchase, and then again in terms of breach or fraud security.

Address Verification System

Address Verification System, or AVS was designed by card issuers to aid in the detection of suspicious credit card transaction activity, and verify that the cardholder’s address info matches what the banks have on file. The service is provided as part of a credit card authorization for mail order/telephone order transactions (MOTO) or Internet e-commerce transactions.  A code is received with an authorization result that determines the level of accuracy of the address match. This verification helps secure the most favorable interchange rates for the merchant.

Visa, MasterCard, Discover, and American Express support this service, and when paired with a CVV confirmation the result is a secure, verified transaction. To verify a customer’s address, a merchant will need the cardholder’s billing ZIP code and the house or apartment number of the billing address.  The merchant does not need to enter in the street, city or state of the cardholder.  While AVS is not intended for use as absolute protection against suspicious transaction activity, it is an important step in securing non-face-to-face transactions. Host Merchant Services recommends to all merchants that they secure these types of orders with both AVS and CVV.

Save Time, Money, & Resources

Categories: Security

Get Started

Ready for the ultimate credit card processing experience? Fill out this form!

Contact HMS

Ready for the ultimate credit card processing experience? Ask us your questions here.