In an effort to help prevent credit card fraud, we ask your customers to enter the CVV (Card Verification Value) and zip code associated with their credit card when they choose to pay by credit. Submitting this extra information to the credit card processor allows them to perform CVV and AVS (Address Verification System) checks, which are actually separate from approving the card itself.
That is, while a credit card processor may approve a credit card number and expiration date, they may tell us that either the CVV or AVS check failed (or both). This is an indication of 2 possible scenarios:
- The customer entered the CVV or zip code incorrectly.
- The customer may be using a stolen credit card number and doesn't have the CVV or zip code at all.
Since it's impossible for us to know which scenario is occurring, we have to assume the worst. As a result, we reject the transaction (even if the card itself was approved) and reload the checkout page with one or more error messages, asking the customer to correct the CVV and/or billing zip code and resubmit the transaction.
If the card had indeed been approved by the credit card processor, we void the approved authorization, which may show up on the customer's online credit card statement as a "pending" charge. These voided authorizations typically disappear in 3-5 business days. If the customer enters the CVV or zip code incorrectly multiple times before getting it right, they may see multiple pending authorizations on their online statements, all of which should disappear after 3-5 business days.
This extra layer of security helps to prevent credit card fraud because it requires the customers to have all 4 pieces of information about the card (card number, expiration, CVV, and zip code) instead of just the card number and expiration date. While these pending authorizations may be a little annoying for your customers, we feel it's important to do whatever we can to help prevent credit card fraud and it's ultimately in the customer's best interest.