Cardholders do not need to worry about fraud thanks to zero-liability policies from major card issuers.
Unfortunately, the primary way that criminals get credit card information for use in online (or phone) fraud is via phishing scams, which also will result in the capture of the CSC codes for the compromised credit card. This fact of life has reduced the real-world effectiveness of the CSC codes as an anti-fraud device.
The code is found in different places on the various families of cards, and is referred to by several different names:
- Mastercard, Visa and Discover cards have a 3 digit code, called the "CVC2" (card validation code), "CVV2" (card verification value) and "Cardmember ID" respectively. It is not embossed like the card number, and is always the final group of numbers printed on the back signature panel of the card.
- American Express cards have a 4 digit code printed on the front side of the card above the number, referred to as the "CID", or Card Identification Number. It is printed flat, not embossed like the card number.
Another potential value of CSC codes is for subscription-based services. Again theoretically, a merchant who needs to rebill a credit card would not store the CSC code after the initial transaction. That way, if the merchant's credit card database were to be compromised the thieves wouldn't get access to the CSC codes.
Unfortunately, the only way this works is if the use of CSC codes is optional (otherwise the merchant would need it to rebill the credit card as well)... and if that is the case CSC codes aren't actually needed by the thief anyway.
0 comments:
Post a Comment Subscribe to Post Comments (Atom)