Who’s behind this site?

This ecommerce blog is lovingly brought to you by Linda Bustos and Jason Billingsley of Elastic Path Software: The ecommerce software that helps retailers sell more and work less.

Need advice? Contact Us or Visit Elastic Path »

Get New Posts Delivered to You
The Art & Science of Choosing Ecommerce Technology
  • Free Webinar with Bernardine Wu,
    CEO, FitForCommerce
  • August 14th 2008 - 9am PT
  • Sign Up to Attend! (limited space)

Is a CVV number required?

Chart: Is a CVV number required?

Fraud is always an issue when it comes to online purchases and asking for a CVV number is one method of curbing fraudulent credit card use. It is also one extra field to ask users to fill out. So does the extra hassle affect conversion rates? Apparently it does. Overall, conversion rates were a full 40% higher where retailers did not require a CVV number.

If this is a solid finding, retailers must balance the trade-off between fraud prevention and ease-of-use for legitimate purchasers.

55% of Top 100 retailers require shoppers to give a CVV number during the checkout process.

Back to report index Back to The Ecommerce Checkout Report Index
Complimentary White Paper
The Ecommerce Checkout Report

An in-depth report on the checkout tactics used by the Internet's Top 100 online retailers

Download Report (PDF)

Comments

  1. Jestep
    June 26th, 2007

    By Visa and MasterCard regulations, CVV is required with every non-recurring internet transaction. Funny that more than half the websites being tested don’t even use it…

  2. Jason Billingsley
    June 26th, 2007

    Are you referring to PCI compliance? I wonder if they have tested the effect of requiring the CVV input versus conversion rate. Maybe penalties for non-compliance are less than the impact it has on conversions?

  3. Jestep
    July 16th, 2007

    Just to clarify this, Visa and MasterCard recommend that all Internet and MOTO transactions include the card code when a transactions is processed. Many processors, especially when it comes to smaller online businesses, require that the card code be included with a transaction on non-recurring Internet and MOTO transactions. There isn’t any system in place with either group to actually force businesses to use card code verification, so in the end it is still up to the business itself whether they want to use it or not.

  4. Neon
    September 3rd, 2007

    Once a security feature was given away online you can not consider this feature as secure anymore.

  5. Tomer
    December 5th, 2007

    Very dumb to not require cvv. Even though conversion rates are reduced, so are chargeback rates… ;-)

  6. Linda Bustos
    December 6th, 2007

    I think consumers may not trust sites that ask for CVV because if you have that data on file, you can use the credit card anywhere. Do you trust every online retailer’s online security that no one will EVER have access to that information? Ironically, the CVV is there to protect you, but it’s a dangerous piece of information to give up.

    But it’s part and parcel of transacting online.

  7. bruce
    June 24th, 2008

    Can someone clarify for me: The PCI Data Security Standards state that the CVV number is not to be stored “subsequent to authorization”.

    Does this imply that authorization must be done immediately, or does it mean that if I take 48 hours to complete authorizaiton or authentication, that I could store until then?

    This question is the reason I’m hesitent to ask for the CVV code.

  8. Terrance Whitmoorionios
    July 1st, 2008

    Linda,
    It’s illegal for merchants to store CVV data.

Leave a comment