As an online merchant accepting credit card payments, you have numerous security issues that you must be aware of for the safety of your business and your consumers. At this time, there are two main aspects of credit card security for credit card processing, including AVS and CVV. Both allow credit card transactions to be completed anonymously over the internet, and any merchant accepting credit cards online should require both forms of information of your customers.
Address Verification Service
The AVS, or address verification service, is used to determine that the address provided by a customer matches the address associated with a credit card account. This helps generate confidence that the person who is entering the credit card details is the person who owns it. While the AVS is not required to process credit card transactions, when it is provided the transaction processor will send a response back with details of how much of the address provided matches the address on the credit card.
A credit card will not be denied if the address is entered wrong, it is up to the merchant to decide what to do if the address only matches partially or not at all. You can deny the sale, or require the buyer submit additional information, or give them the opportunity to correct the address information, before processing the transaction.
Card Verification Value
The CVV, or card verification value, sometimes referred to as the CVV-2 is a three to four digit number found on the back of American Express, MasterCard and Visa cards. Its on the card but not on any statements, so that if an individual has found a credit card statement in the trash, they arent able to complete a sale that requires the CVV code for verification purposes. When a customer is able to enter the CVV code, its a strong indication that the customer has the credit card in hand, which increases the potential of the card belonging to the person who is attempting to use it to make a purchase online.
Most credit card fraud online occurs when a thief has found a discarded receipt or a thrown out credit card statement, but by requiring the CVV code, the merchant can eliminate that type of fraud.
If a CVV number is entered and is incorrect, the transaction will be declined by the credit card issuer.
Providing Consumers with Top Security
If you are going to accept credit cards online for payment for products or services offered through your website, its imperative that you provide your customers with a guarantee that youre protecting their credit card information.
Credit card processing typically requires that the customers information is transferred about four times, which means there are four instances when someone could gain access to the cardholders details. When a customer first sends the credit card information to you via your checkout or web based form. You are solely responsible for security as the internet merchant, at this stage in the credit card transaction process. Having a secure server and a valid security certificate with the https protocol will protect and encrypt private information you receive from customers.
You will want to be sure that the credit card transaction processing software you use for your business is secure by using a reputable processing company. As customer information is moved in and out of a database through the transaction process, the security must be top of the line- and this is ensured by choosing a solid company that offers encrypted software for this part of the process.
Finally, when customer credit card information is viewed or handled by you or your staff, its important that you ensure security at this stage as well.