Overview
Card Verification Value (CVV) settings help protect your business from fraudulent transactions by verifying that the customer has physical access to their payment card. By requiring and validating the card’s 3- or 4-digit security code, you can reduce chargebacks and minimize risk—especially for online and phone orders. This guide explains what CVV is, how it works, and how to manage your CVV settings for stronger security.
What Is CVV?
CVV stands for Card Verification Value. It’s a 3-digit code on the back of Visa, Mastercard, and Discover cards, or a 4-digit code on the front of American Express cards.
This code isn’t stored on the magnetic stripe or chip, so it provides an added layer of security. Requiring CVV during checkout helps confirm that the person making the purchase physically has the card.
When Should I Use CVV Settings?
CVV settings are especially important for:
- eCommerce transactions, where the card is not physically present.
- Mail Order/Telephone Order (MOTO) sales, which rely on manual card entry.
- Reducing fraud, especially for high-ticket or international transactions.
Merchant Impact: Enabling CVV verification can help lower your risk of chargebacks and protect your business from card testing attacks.
How to Enable and Configure CVV Settings
Follow these steps to manage CVV settings in your Merchant Portal:
- Go to: Options → Settings → Card ID Verification
- Check the boxes next to the CVV result codes you want to reject.
- Click Save to apply the changes.
- If your account supports multiple processors, use the Processor dropdown to configure rules for each one.
- Use the US Domestic / Non-US International toggle to set different rules based on card origin.
You can select one or multiple rejection rules depending on your risk tolerance.
CVV Result Codes You Can Reject
Below are the most common CVV response codes and what they mean. You can configure your settings to reject transactions with any of these:
| CVV Code | Meaning | Suggested Use |
|---|---|---|
| N | Does NOT Match | CVV provided doesn't match what's on file with the card issuer. |
| P | Not Processed / Not Provided | The issuer didn’t process the CVV or it wasn't sent. |
| S | Should Be on Card but Not Indicated | A CVV is expected for this card type, but none was entered. |
| U | Issuer Not Certified / Encryption Key Missing | Issuer couldn't validate the CVV due to technical issues. |
These settings apply to both eCommerce and MOTO transactions.
Managing Multiple Processors
If your account supports multiple payment processors, you'll see a Processor dropdown in the CVV settings screen.
- Settings must be configured separately for each processor.
- Rules set for one processor will not automatically apply to others.
Domestic vs. International Card Settings
You can also choose to apply different rules based on the origin of the payment card:
- US Domestic: Applies to cards issued within the United States.
- Non-US International: Applies to cards issued outside the U.S.
This allows flexibility, as some international banks may not fully support CVV standards. Use this option to avoid unintentionally blocking legitimate global customers.
View Your Change History
At the bottom of the Card ID Verification page, click Show History to view a record of:
- Timestamp: When a setting was changed.
- User: Who made the change.
- Rules Added or Removed: A list of response codes that were adjusted.
This is helpful for tracking changes and ensuring your settings match your current fraud prevention strategy.
Common Questions
Can I enable more than one CVV rule?
Yes. You can enable any combination of CVV response codes depending on your business needs and risk level.
What if I have multiple processors?
Use the Processor dropdown to configure settings for each processor individually. Settings do not carry over automatically.
Are CVV rules required?
They are not required, but highly recommended—especially for card-not-present transactions like online or phone orders.
Need Help?
If you're unsure which CVV settings are best for your business or need assistance making changes, please contact your Merchant Service Provider for support.