When is It Safe to Give out the Security Code on the Back of my Credit Card?
The security code on the back of your credit card, which older credit cards may not have, is a three or four digit number used to verify that you actually hold the card. It is also called a CVV or CV2. There are a lot of questions about when it is safe to give this security code out, and when you should not release this information. It is usually safe to give out this code when shopping online, especially to well-known retailers, but you should never release it when you are using the card in person.
Generally, the security code was intended for extra protection when you purchase items on the Internet. It is used to verify that you in fact are entitled to use the card, and that you have all the information contained on the card. Since an online purchase doesn't show your card to the vendor, the number helps prevent the vendor from making a sale to someone fraudulently using the main number and expiration date, which might be stolen from the front of the card.
This is why you should never release the security code when you are present for a sales transaction. It doesn't show up when the card is scanned, or when a copy of the card is imprinted on a sales slip. People who steal this information, including some people who work at point-of-purchase businesses, don't have all the information needed to make most Internet purchases. Of course, not all companies online ask for your CVV, and it might be a good idea to only use vendors that will require this information when you shop on the Internet to support those vendors that are attempting to stop fraudulent use of your card.
Even with firewalls, security systems, and everything else in place, you cannot be 100% assured that giving out your security code on the Internet guarantees your safety. In all instances where you disclose all relevant information needed to make Internet purchases, there is a chance that people taking that information might steal it. This is why you must view the security code as only one method of attempting to prevent Internet fraud. Careful scrutiny of charges on your credit card, and not giving this information out to unknown vendors is important too.
You can be more certain of larger and more reputable vendors when you are asked for your security code. You should probably avoid giving this information out to vendors you have never heard of before, and who don't seem to have a high amount of site traffic. You may also be asked for your security code number when you purchase things on the telephone, and you should probably not give this information out if you're on a cellphone in a public venue.
It is very clear though, that if you are purchasing something in person, a retailer will not ask for your CVV. He or she will usually verify your right to use the card by comparing signatures on the back of the card and the receipt.
Yesterday I used my debit card with my PIN and their system required my security code as well. I reluctantly gave it, but am not happy. Now my card number, pin and cvv are all in their system. I question how legal it is to ask for the cvv at a brick and mortar store to begin with. To want it on debit pin activity seems downright dangerous. I don't think I will be using any credit cards at Walmart anymore, which will definitely limit my spending there.
WalMart requests a three-digit code for both credit or debit transactions. They tell you it is the bank doing it. It is not. It is WalMart.
I don't know if this is a good thing or not. I don't trust anyone anymore. The payment system is too wide open. Anyone can make a credit/debit card and use the info.
@anon203405, Post 8: Yes, you could explain how you use this number to verify the credit card data and why it is needed to complete a transaction. This is what the article doesn't explain and I still don't understand how this is used *exactly*. I'm just interested. Is this number required when you request money from the cc company or do you check it yourself somehow (and if yes, then how)?
@anon170153, Post 7: Because you could be an evil cashier, who use the numbers you wrote down to start shopping. I don't want say that you are an evil cashier, but you could be. In fact, I don't know who you really are.
Many stores are now asking for the security code when a person is in the store paying with a credit card. Walmart and The Dollar Tree for instance both want the 3 digit code at their Pampa, Texas locations. Why do they need it?
Our car was being serviced and we received a loaner car. We had to give these items to be copied: insurance card, drivers license and credit card. After the credit card was copied, she wrote the expiration date from the front and the three-digit security code from the back.
Should she have been able to write down the security code and how safe is this? It was at local Chevy dealership service department.
After my Amercard had been scammed despite my signature reading "photo," I finally got to the point in discussions with Mastercard that the 3 digit number on the back was really my security number for contacting Mastercard.
If I chose to give it to anyone else, there is a real danger of an errant employee taking the CC number and that security number and selling it to lists which are sent to criminals who start to clean up at your expense.
I now have both the signature as "photo" (requiring that the clerk ask for such if they want to be protected) and the 3 digit number is scraped off the card. If I am ordering online, there are other ways to determine who I am including the telephone number from which I am calling when ordering at home and which is visible to the supplier.
I do not shop where the supplier insists on compromising my CC's security number. Some suppliers will allow you to shop with a purchase order and send a check, while others allow you to electronically pay from your bank into their account with your mutually agreed to reference number.
I hate to think of how much money we are paying for goods since the costs of the fraudulent transactions are added to the product price. these costs exist primarily because the CC companies have still not come up with a simple reasonable means of holder verification without disclosing our security numbers.
By the way, my CC (despite no signature and no security number) was somehow compromised in the States again last year, but in that case, it must mean that some clerk or other did not do due diligence on checking information or sold the information to a fraud list. In that case, the CC supplier could not fault me as card holder for that one but they may start making customers responsible if the customer has disclosed the security number! -- Wayne, Ontario Canada
Many brick and mortar places (e.g., some Wal-Marts) require the CVV in order to process the transaction. They are actually now using it in some stores in place of your signature. I just had a friend drop a few hundred dollars there and they did not even require a signature.
Thanks for all the suggestions. Looking at the way they have designed the cvv/csc system, it is not good enough.
Never give your card information to anyone who is calling you. If you make the call for a purchase, it is normally a safe for you to give the security code on back. This helps them to determine that you are the owner of that card. Never give the code to a clerk at a convenience store who asks to see the card first before you swipe it.
Yes it safe to give over the phone. All major credit card companies have placed card security codes on their credit and debit cards as an additional security feature for merchants who accept Visa cards as payment over the telephone or online.
Visa’s Card Verification Value 2 (CVV2) is a three-digit number printed on the back of every Visa credit or debit card. It is located in the top right corner of the signature panel or immediately to the right of it. It is preceded by the last four digits of the card’s account number, printed in the signature panel. CVV2 was introduced to help e-commerce and mail order and telephone order (MO / TO) merchants verify that their customers are in a physical possession of their cards at the time of the transaction.
It is a feature that all major e-commerce payment gateways support and your payment processing provider should make it available to you.
The most idiotic thing is: Why is the code printed on the back of the card? I think some real idiot must have invented this system to help fraudsters. If you can remember your email password, why can't you remember your credit card code, which is hardly three digits?
The only case where it may be relatively safe is if you are entering it into a secure web page as it may be unrecorded but you have no assurance of this. You should scratch it from the back of your card, and you should never give it to a person over the phone regardless. If you do, they can purchase anything with your card as they now have all the info that you have and until it runs out of money. Even if your bank reimburses you, how long will that take, do you think?
I recently moved to a small town in TX, and have been asked for both my CVV and PIN numbers over the phone, as well as email. I refuse to use the CVV anywhere but a secure internet site, just as I refuse to use my PIN in anything but an ATM machine.
Thanks for this very useful article. I use a PayPal merchant account to receive payments (some online, some by phone or in person) and have found that many customers are extremely reluctant to give out their CSC over the phone, even though it's required in order to complete processing. Especially with our older customers, they don't want to go online to complete a purchase, so we can be stuck saying "then you'll have to come in person and pay by cash or check".
Anyone have helpful tips for explaining to customers why you really do need the CSC?
I'm a cashier at Sam's Club. If our scanner won't/can't read your credit/debit card, and we have to key in your number manually, one step in the process requires us to enter the security code. At that point, we're holding the card in our hands. If you've already handed me your card, and I've manually entered the card number and expiration date into our computer terminal, what possible objection could you have to our finishing the transaction with the security code? This merely ensures that we're entering data from a legitimate card, and not simply plugging in numbers from a piece of paper.
Many times when making a purchase in person, the merchant will look at the back of the card for a signature. At that time he or she could easily see the CVV number. How does one protect against that?
I think it's a miracle that they've gotten it going so safely!
But online I use PayPal too, as much as possible, and love the convenience.
Put your bank's number on your cell phone contact list. I was robbed last summer and almost the first thing the policeman said was "call the bank and stop your cards." I laughed. I had already done that by the time he arrived on the scene in under 5 minutes. I had been doing something with my banker and so his number was right on my cellphone.
In such a dumb moment, I'd done something accidentally smart, so put your bank's number on your cell for such moments if it is not already there.
This may be a stupid question, but isn't it fairly easy for any point-of-sale vendor to glance at the back of the card and get the code him/herself? Does anyone simply memorize and then remove the code from the card?
That's why I always go through PayPal - that way the vendor never gets your actual credit card number or bank account.
Great question. You can almost always request that the call not be recorded if you don't want it to be. If you have used the card before, and this vendor knows you are a regular customer, they may not need it to process your transaction. Lots of vendors don't ask for it.
I think you can't be 100% sure, so best bet is to go with your gut and decide if the vendor is trustworthy. Then, watch your credit card statement for any unusual charges (this makes good sense under any circumstances). If a vendor does record for training purposes, you should ask the vendor not to record your call. Thanks for asking that; I find I really resent these "recorded calls" although I doubt they record or use that many of them. Tricia E-C
Is it safe to give your 3 digit security code over the phone to a well known vendor when the conservation is "recorded for training purposes."
Post your comments