Quote:
Originally Posted by Kimmykim
Lots of misinformation in here.
1. CVV2 is not stored in a database, it's expressly prohibited to store the data anywhere, and the punishment for a violation is losing your merchant account.
|
This is how I understood it as well, but the interesting thing is that when informing several companies of my new CC number, two of them asked for the CVV2. These are for regular monthly payments which may not necessarily be the same amount each time. Is there some sort of pre-verification where they can pass the details once-off to say "customer has authorised future charges without CVV2" or is it likely they're storing it?
edit: just realised it's an old thread... still, interested to hear what anyone in the know has to say about the above.