Categories
Rant

Palmer’s Rant of the Day – CVV2

Let’s save my rant of service fees for tickets until another day shall we?

Let’s talk about credit card numbers.

More specifically, the magical code on the back of the card known as the CARD VERIFICATION VALUE.

What is this number used for? Let’s look into some history here for a moment. Time machine ahoy!

The second code, and the most cited, is CVV2 or CVC2. This CSC (also known as a CCID or Credit Card ID) is often asked for by merchants so that they can secure “card not present” transactions occurring over the Internet, by mail, fax or over the phone. In many countries in Western Europe, due to increased attempts at card fraud, it is now mandatory to provide this code when the cardholder is not present in person.

Taken from http://en.wikipedia.org/wiki/Card_Security_Code (otherwise known as the Encyclopedia Galactica)

Now, I don’t know about you, but I swear everytime I have used my credit card over the phone or over the Internet, there is always the need to state this magical CVV2 number. They claim that this ensures that you have the card in your posession.

Hogwash. Let me ask you this…when you have to lend your credit card number out of to your wife for her to order some books on Amazon.com, what should you give her? You give her the 16 digit code and the expiry date.

You shouldn’t also have to give her another 3 digit code since every website asks for it! It’s just three more digits to write down/memorize/whatever. It is hogwash (I’m loving this word today) that by stating this magical 3-digit number will automatically mean that you have the card in your possession. Huh, sure wasn’t the case when I borrowed Mom’s credit card information to order some Eric Clapton tickets. I just grabbed everything I needed – the account number, the expiry date…oh and let’s not forget the newfangled invention which is the CVV2 number.

Honestly, what are businesses thinking?

However, I must say something here in their defense.

“Online merchants who require the CVV2 in their transactions are forbidden[3] in the USA by Visa from storing the CVV2 once the individual transaction is authorised and completed. This way, if a database of transactions is compromised, the CVV2 is not included, and the stolen card numbers are less useful.”

Hmm…that’s an interesting concept. So are they saying if I choose to store my credit card information on a website (like Amazon.com), that everytime I go back, I have to at least type in the CVV2 number to confirm that I in fact would like to use my credit card information which is stored in their database? Interesting.

By the way, for those who are out there storing their information in someone’s database, shame on you. Well…what I should say is that you must leave your doors unlocked during the day and night also. Actually, you have no need for locks in the first place if you leave your credit card information in supposed safe databases. All it takes is one goofball who wants revenge on some lousy job to steal a hard drive worth of information.