Credit Card Security Code
The credit card security code, of which most credit cards have two, is designed to minimize instances of fraudulent transactions involving plastic money. Each and every credit card has a 16 - 18 digit number embossed on its face. This is the preliminary identification of the credit card. The second security feature is the Credit Card ID Number. This is a three or four digit number that is not a part of the magnetic stripe of the card. Amex cards have a four-digit code printed on the face of the card. Other cards have this number printed on the rear of the card.
Swiping the card helps the reader access the data present in the magnetic stripe. This includes the credit card number, account number, expiration date and other details. This information is verified with the issuing bank before the transaction is approved. The three or four digit Credit Card ID Number, also known as the CVV2 number, is used primarily for 'card not present' transactions. Submitting credit card information over the phone or Internet involves the use of this number.
Merchants can verify the signature of the cardholder with the specimen signatures on the credit card or compare the user with the photo incorporated in the card to prevent fraudulent transaction. This option is not available when the card is used on the Internet. The identity and authenticity of the cardholder is established by submission of the credit card number and the additional credit card security code incorporated on the card alone.
An individual stealing the data in the magnetic stripe will know the credit card number and expiration date but not the additional code. This feature ensures online purchases are made with extra security.
Any webpage requiring submission of this information should have the letters 'https' in the address bar. This ensures that no unauthorized third-party can access the information being submitted. Merchants and the vendors are not permitted to store the three or four digit CVV2 code. This information must be submitted each and every time the credit card is used in 'card not present' transactions.
The CVV2 code remains valid throughout the validity of the credit card. The new credit card issued after the expiration of the old card will have a new CVV2 code.
The card can be misused in online transactions only if the card itself is stolen or misappropriated. Phishing attacks try to fool the cardholder into disclosing the information by posing as the credit card issuer or any reputed vendor.
This information, on being required by online vendors, should be entered only after assessing the various security features incorporated in the page to prevent unauthorized disclosure of the confidential data.