CVV code request

[gambblex]

Hi!

In all my experience of online shopping I was only once requested for some verification PWK namely for the statement for the card used (not even copy of the card or verification form)

But recently I placed an order at online shop and got a request to fill in the Auth form and card F&B. And also gov. iss. ID (that was a bit weird)

Security purposes,sure,np.

It's ALWAYS been advised everywhere if your card copy is needed to block middle digits. And always recommended not to disclose your CVV to any single person in the whole world,correct?

And what should I think when their support is telling me that they need me to uncover middle digits? And they ask me why I covered digits on the backI ask them :"So you need my CVV code as well?"- "Yes",was the answer from the supervisor.



Basically,I could put up with a request to open all digits on the front but WTF are they going to do with my CVV code? So I can feel invulnerable security-wise with such requests?

Opinions welcome

[Suave]

Hi!

In all my experience of online shopping I was only once requested for some verification PWK namely for the statement for the card used (not even copy of the card or verification form)

But recently I placed an order at online shop and got a request to fill in the Auth form and card F&B. And also gov. iss. ID (that was a bit weird)

Security purposes,sure,np.

It's ALWAYS been advised everywhere if your card copy is needed to block middle digits. And always recommended not to disclose your CVV to any single person in the whole world,correct?

And what should I think when their support is telling me that they need me to uncover middle digits? And they ask me why I covered digits on the backI ask them :"So you need my CVV code as well?"- "Yes",was the answer from the supervisor.



Basically,I could put up with a request to open all digits on the front but WTF are they going to do with my CVV code? So I can feel invulnerable security-wise with such requests?

Opinions welcome

Could you name the casino at least? I have never ever heard of such a request.

[rockycatt]

not needed ive always been told to cover all the numbers you speek about from evey casino on line that i doc;d with

[gambblex]

No, it's not a casino that's why I posted this in "Other complaints" .It's a health supplements store,pretty well known

I asked them not once if they realize what they're asking for and what the consequences may be.

It's not just dumb it smells with a criminal activity.How can any policy justify the very request for disclosing such confidential details?

[just play]

I would talk to another supervisor, the one you talked to obviously didn't know what s/he was talking about.

Or...you can email the company and see what they say.

I order online at quite a few different places and never been asked to show proof of anything...I think the things they asked you seems very odd, and I'm not even talking about the CVC number...onto that...no way in hell would I ever give them that.

Maybe contact your credit card company and tell them which place this is and what they are trying to do. I'm sure they would advise against it.

I hope you didn't place the order.

[rockycatt]

No, it's not a casino that's why I posted this in "Other complaints" .It's a health supplements store,pretty well known

I asked them not once if they realize what they're asking for and what the consequences may be.

It's not just dumb it smells with a criminal activity.How can any policy justify the very request for disclosing such confidential details?

even simpler ask your cc bank prob solved they might put the store on the carpet
for not in compliance

[Suave]

even simpler ask your cc bank prob solved they might put the store on the carpet
for not in compliance

How would that work for sure? I say just use wire transfer or any type of ewallet on that site. I'd like to know the name of the site...there is no point keeping it secret. And I would not like this to happen to me as well.

[gambblex]

I hope you didn't place the order.

Did.That's when all the BS started but I requested a refund and will check my card in a couple days.

I shop online quite extensively but only once my order was put on hold because it was considered large.

Checking this with the bank is a measure by default so I guess I will do.

If someone interested it's A1Supplements.com so you may ask what your CC image must look like.

[rockycatt]

How would that work for sure? I say just use wire transfer or any type of ewallet on that site. I'd like to know the name of the site...there is no point keeping it secret. And I would not like this to happen to me as well.

well nothing but tax's and death are for shure , that said the banks / credit card companies dont want to have service with rogue vendors , so the fraud dept might scold them or revoke their rights

[vinylweatherman]

well nothing but tax's and death are for shure , that said the banks / credit card companies dont want to have service with rogue vendors , so the fraud dept might scold them or revoke their rights

Don't bank on it. Many rogue businesses rely on lax controls from the banks, and if you complied with such a request, the banks would blame the CUSTOMER for being careless. The merchant would wriggle out of it somehow.

There would only be action taken if a number of complaints surfaced, and you had PROOF of such requests being made.

Don't just tell the bank, print off evidence of this request, and evidence of continued obstruction to your desire to protect the middle digits and security code on the back of the card.

Banks DO issue advice to customers, and this is NOT to give this information to "people", rather it is to be used ONLINE, and ONLY through a secure site. This is because the company CANNOT normally see and copy these details, and validation is done through encrypted channels.

Both VISA and Mastercard have introduced an additional layer of verification to protect online transactions, VISA Secure, and Mastercard securecode. They add the requirement for the customer to further validate the transaction with a password, as well as the 3 digit code on the card. This password must NOT be given over the phone (as one casino at least is reported to have asked a player to do), it is ONLY to be entered on the BANKS' validation page, NOT the merchants' page.

This particular merchant appears worried about online card fraud, yet REFUSES to use these official measures, preferring instead to ask customers to break the terms of their card issuer to give them assurance "on the cheap".

If anything goes wrong though, the customer may find the banks REFUSE to pay out BECAUSE the customer gave the merchant this data, when the card terms stated this should NOT be done.

What is even worse is that the merchant took the money, and THEN sprung this requirement.

A complaint to the card issuer is the best option, and only if THEY give permission should you comply with the request from the merchant. If the bank take fright at this kind of request being made, the merchant WILL find itself in trouble, and the card networks will wonder how "routine" this practice has become, since losses due to online fraud are INCREASING, and they are likely to see such inappropriate requests from merchants as creating the means by which criminals get hold of the data they need to perpetuate such fraud.

I DID once complain to VISA when Winward casino "required" me to reveal EVERYTHING on my card, and VISA asked me whether I wanted to make a formal "adverse merchant report" against their processor. VISA did also say that the risk involved was "minimal", and that I would be OK complying with the request. Interestingly though, when I told Winward I had asked VISA themselves for guidance, they did a U-turn, and accepted the image with the middle digits and security code blacked out.

I now routinely edit card images to remove the code & middle 8 digits, and no other casino so far has objected to this.