Open Iamdbat opened 13 years ago
Iamdbat
commented
13 years ago Merchant Services charge a monthly charge for NON PCI Compliance as a result of not being able to see and enter the cvv on the back of credit cards
This is an avoidable expense!
sneader
commented
13 years ago Technically, PCI standards state that you CAN NOT SAVE AND STORE the CVV. Rinalds is doing it RIGHT by not storing this data.
HOWEVER, I would still like to see an OPTION to allow the store owner to STORE or NOT STORE the CVV.
Iamdbat
commented
13 years ago The contradiction here is that merchant credit card services CHARGE for NON PCI Compliance which is the non use of the cv v number when entering a credit card manually on a credit card machine so this doesn't make sense as I see it besides PCI compliance when it comes to the internet in my view will NEVER become a 100% reality and how can that be policed? - Surely this is what SSL is all about? or whats the point in paying for a certificate in the first place? - It makes no sense not being able to see the cvv number and yet you can see the card number and the expiry date
sneader
commented
13 years ago The concern is that a hacker could break into your site and steal not only the credit card number, but also the CVV number. This would be very bad. Having the card is bad enough, but most sites won't take an order if the CVV isn't right. That is why the CVV should never be stored, and that is why it is written into the PCI DSS specs to never store it.
The c v v is essential and needs to be seen and read - as it stands - its giberish and is costing merchant fees by way of non PCI compliance - Rinalds please pay attention to this - any online store needs to comply these days and this is a major failure in Livecart - All your loyal customers require this to be fixed - please don't ignore us