CVV2 storage violates merchant agreements

Discussion in 'Suggestions and Feature Requests' started by n0rman, May 16, 2008.

  1. n0rman

    n0rman Bit Poster

    Messages:
    1
    Hi,

    Your HSPComplete software is storing CVV2 codes and even displaying them.

    This code is intended to establish possession of a Amex / Visa / MC.

    I'm pretty sure that this violates the terms of service of merchant accounts / card processors.

    After you check with your lawyers, they'll probably have you open a ticket and fix this problem ASAP.

    Best,

    Norman
     
  2. vbatraev

    vbatraev Odin Team

    Messages:
    346
    Hello Norman,

    You can configure the CVC code storage policy from PCC > Commerce Director > Online Payments > Setup and select one of the following option:

    1. Do not save the Credit Card validation code (CVV). You can check this box if you do not to save the CVV codes together with the other credit card data.

    2. Save the Credit Card validation code (CVV) for future transactions. You can check this box to save the CVV codes together with the other credit card data.

    3. Keep the Credit Card validation code (CVC) till first successful transaction. Set the option button to this if you want the CVC code to be saved only till a successful payment is performed by a credit card. For example, if you add a credit card manually and do not pay with this card right away, the CVC code will be stored till the first successful payment.

    So you may disable CVV code saving.
     

Share This Page