[ic] CVV2 with Interchange

Gur interchange-users@interchange.redhat.com
Wed Jan 23 18:37:01 2002 

As a business selling to consumers online/mail-order I am liable for almost
all charges that occur when the card holder claims that he/she didn't use
the card for a transaction. It is very easy to defraud the system.

Example:
-Cardholder uses his card to purchase a DVD player, cost $250
-Provides his bill to but his friends address as the ship to
-The merchant processes his order and charges the card
-The cardholder has someone else sign for the package when it arrives
-End of the month, the cardholder receives his bill from the credit card
company
-Calls the company and tells them that he didn't make this purchase
-The company investigates and since the seller is an online/mail-order
account and don't have a signature on file the seller not only has to pay
for the DVD player, but also has to pay for a chargeback charge AT LEAST $25
-Being the nice customer-friendly company, the credit card company will
waive the maximum $50 fine that it can fine the cardholder under federal
law.
-The customer has a FREE DVD player.

If the customer had provided the CVV2 code the internet/mail-order company
could have contested that since the cardholder provided the CVV2 number, he
had possession of the credit card and was making a false claim.

I know CVV2 number is optional, but even if it prevents the merchant from
one chargeback its worth it. Just a while back I had a friend in the leather
business who was stuck with a chargeback because the cardholder claimed that
his girlfriend had charged the card and he didn't know about it since the
leather jacket was only around $150, it didn't make any sense for him to
have the police investigate for fraud. He was located in California and the
cardholder in Vermont.

Unfortunately fraud rate for domestic orders is still very high compared to
card present transactions, a while back buy.com was in serious trouble
because it had too many chargebacks.

I think I found what I was looking for, mv_credit_card_ccv2 field.

Thanks,
Gur

> I could see using CVV2 in that case. For domestic shipments where
> the fraud
> rate for online-verified orders is negligible, that doesn't make sense.
>
> Once again, I don't pretend to be authoritative here -- the
> processor is the
> best guide. Still in all, if I was asked for a CVV2 when I use a US credit
> card and Billing Address == Shipping Address, I would not supply it.
>
> --
> Red Hat, Inc., 3005 Nichols Rd., Hamilton, OH  45013
> phone +1.513.523.7621      <mheins@redhat.com>
>
> If you like what you're gettin', keep doin' what you're doin'. -- Hector
> _______________________________________________
> interchange-users mailing list
> interchange-users@interchange.redhat.com
> http://interchange.redhat.com/mailman/listinfo/interchange-users
>