Security code on debit or credit cards

savetilibleed · 27 October 2008 at 5:41PM

When using a credit or debit card just about every website wants the three digit security code near the signature strip. Worse still when making a transaction ove the phone when a real person asks for all the details including the code.

What do we think about giving away all our details so another person could potentially use them.

I bought a christmas present last year for my wife from a website that didn't have online purchasing facilites. Well I could have done it if I had a Paypal account, but even then not online other than email. I had to phone a mobile number and give my card details. I spoke to the woman who runs the business (well she answered to her name mentioned on the site). Sure enough the item duly arrived OK. The business seems well established selling Art Deco style jewellery, stocks of which change as they are purchased and "new" arrives. What I bought showed as reserved after the call then went from view. But I was uneasy.

normanmark · 27 October 2008 at 6:22PM

In order for transactions to complete they need that 3 digit security code on the reverse. It's there for transactions where the payment is not done in person.

Paranoia on your behalf, there's nothing to worry about.

savetilibleed · 27 October 2008 at 6:47PM

normanmark wrote: »

In order for transactions to complete they need that 3 digit security code on the reverse. It's there for transactions where the payment is not done in person.

Paranoia on your behalf, there's nothing to worry about.

Thanks very much - not really paranoid, just wondered about it. I realise that without providing the security transactions can't happen. I guess we have to take as much risk with our card details, especially over the phone as we ever did - reliant on the person using the details to use it for legitimate purposes then protect the information. BTW the phone transaction I made, the item arrived with the card slip with most of the card number obliterated with a thick black marker.

NickX · 27 October 2008 at 8:04PM

You will be covered against any "customer not present" type fraud so I wouldn't worry too much about it.

It is more the cases where the PIN has been used that the Card Providers are disputing by saying that a "Chip and PIN" transaction is secure so you must have been negligent with your PIN.

On this basis, the "customer not present" transactions are probably safer than the risk of getting the whole card cloned in a dodgy petrol station.

Barneysmom · 27 October 2008 at 8:08PM

Yup. I had mine cloned in a dodgy petrol station.
Some lucky beggar had a 400 pound meal in London, a thousand pounds worth of cameras and some sports gear.
You never get over it and guard your card like your life depends on it.
I was lucky, I could prove I was on Anglesey at the time.

molar · 27 October 2008 at 8:47PM

The 3 digit security code (CVV2) was introduced for this very purpose, shopping via mail order or online. It's used to prove to the retailer that your in possesion of the card and not just got a copy of someone elses 16 digit number that you've picked up from a receipt or by cloning a magnetic strip.

savetilibleed · 28 October 2008 at 12:22AM

NickX wrote: »

On this basis, the "customer not present" transactions are probably safer than the risk of getting the whole card cloned in a dodgy petrol station.

True! Good job I don't drive!

steam_dan · 20 February 2009 at 12:30PM

I am going to be doing a sponsored parachute jump for my local hospice for which I am required to pay a £70 deposit.
The reservation form asks for all my personal details and my credit/debit card details including the 3 digit security code. On the reverse of the form is the terms and conditions of the jump which I also have to sign.
I am concerned about this as they are clearly going to be keeping my details on file with all the credit card details there for any one to use.
The form should be sent to the Hospice in the first instance but is then forwarded by them to the paracute company.
I understood that they are not allowed to keep credit card details on file and that once they have taken the payment the details should be destroyed. I am I right about this?

savetilibleed · 20 February 2009 at 3:03PM

Is there not an option to pay by cheque, payable perhaps to the parachute company sent to the Charity first? There ought to be really. I wouldn't be keen to send credit card details by post. By secure internet it is different.

I'm sure you must be right about not keeping details longer than for the payment to clear, but as long as they do that.

steam_dan · 20 February 2009 at 4:36PM

Thanks. There is an option to pay by Cheque which is what I intend to do. I have also spoken to the hospice's fundraising team to express my concerns.

Robert_Sterling_3 · 20 February 2009 at 4:47PM

Is it not the case that if you do a "Card Holder Not Present" purchase then the item will be delivered to your address and to nowhere else.

The use of the 3 digit code serves a purpose. Those of us in IT say that it provides PGP as does a 4 digit pin number.

PGP Pretty Good Protection Not entirely foolproof

e.g. With a credit card you have 1 chance in 10,000 of guessing what the pin number is etc . With the security number you have one chance in 1000 of guessing it.

Security code on debit or credit cards

Comments

Confirm your email address to Create Threads and Reply

🚀 Getting Started

Categories

Is this how you want to be seen?

Get our FREE Weekly email full of deals & guides - and it’s spam-free