Credit Card Y/M Address Verify / CVV2
Printed From: ProductCart E-Commerce Solutions
Category: ProductCart
Forum Name: Suggestions
Forum Description: ProductCart Suggestions
URL: https://forum.productcart.com/forum_posts.asp?TID=1571
Printed Date: 23-November-2024 at 5:40am
Software Version: Web Wiz Forums 12.04 - http://www.webwizforums.com
Topic: Credit Card Y/M Address Verify / CVV2
Posted By: WGSnet
Subject: Credit Card Y/M Address Verify / CVV2
Date Posted: 28-April-2008 at 2:08am
|
The ability to view the credit card authorization results from the gateway (Authorize.net in our case) on the Orddetails.asp > Payment Status tab would be helpful. This would allow the merchant to quickly view the Address Verification (Y) and CVV2 Security Code (M) results on the Order prior to processing to determine if further fraud screening is necessary. Note : I have a good ASP programmer that can do it, I would just like to put in a plug for it to be in the cart by default. |
Replies:
Posted By: Hamish
Date Posted: 28-April-2008 at 6:21am
|
I very much doubt authorise.net would send the CVV2 code and I don't see, short of having the card in your possession, how it would help you with fraud screening. If anything, it makes your database a potential source of full credit card details that could then be used for fraud by any one with the ability to access the database, legitimately or otherwise. That would almost certainly put you at greater risk of legal action. PC's security is good, but the code runs on a server and any holes on that server, or other apps on it could be a vector to the system being compromised. Companies like authoirise.net live & breathe security, they cannot afford a breach - ever, and their security budget is many many times what others can afford to spend. Surely a major point of services such as authorise.net is that they take ultimate responsibility for checking that the details entered are valid - They will check the address & CVV2 with Visa/whomever, so it will only get past those checks if the details are correct. Do you allow deliveries to addresses other than the one associated with the card? If you can avoid doing that, or treat all those as much higher risk, then I believe you would be a good part of the way there. |
Posted By: WGSnet
Date Posted: 28-April-2008 at 6:39am
|
I'm reffering to the CVV2 "Results" of course ... (M) for "Matched" and the Address Verification Results, which are used for fraud screening. This is something that is in another cart we run and it's a very nice feature. |
Hamish wrote:Posted By: Hamish
Date Posted: 28-April-2008 at 7:01am
| Ahh, My apologies ! |
Posted By: Hamish
Date Posted: 28-April-2008 at 7:17am
|
OK - I took a quick look & the results are indeed returned from authorize.net and populated into a variable. Take a look pc/pc_authreturn.asp - x_cvv2_resp_code. .... And, reading the original post, I see you have an ASP programmer who has almost certainly got past this point anyway  .I take your point about it being included & displayed & it can only be of benefit to do so. |
Posted By: WGSnet
Date Posted: 28-April-2008 at 10:26pm
Here is an example of this feature in use on another cart ... |