cancel
Showing results for 
Search instead for 
Did you mean: 

Why does entering a different CVV generates a duplicate transaction response?

Hi,

 

I read from the customer support page that CVV is not one of the data fields that is validated for a duplicate transaction. There is a chance that the customer might enter the wrong CVV. A re-enter of the CVV triggers the duplicate transaction response. What is the rationale of excluding CVV in the validation process?

qwertyfinger
Member
1 ACCEPTED SOLUTION

Accepted Solutions

As you likely know, PCI and card issuer rules prohibit storing the card code in any form.  These rules apply to Authorize.Net just as they apply to you as the merchant, we only pass the card code entry through to the processing network and never store it within our system.  Because we do not have a record of what Card Code was used in each transaction, we have no way of detecting if it has changed between transactions and cannot use it in our check for transaction duplication.

View solution in original post

2 REPLIES 2

It's possible to modify your settings to allow transactions to run through without a CVV match, since CVV is really just security for the primary card information. Therefore, it makes sense to not use CVV in duplicate checking, since you could run the same transaction through with different CVV values and have both be a success. Check your control panel and see if it's set to reject on bad CVV.

TJPride
Expert

As you likely know, PCI and card issuer rules prohibit storing the card code in any form.  These rules apply to Authorize.Net just as they apply to you as the merchant, we only pass the card code entry through to the processing network and never store it within our system.  Because we do not have a record of what Card Code was used in each transaction, we have no way of detecting if it has changed between transactions and cannot use it in our check for transaction duplication.