[Rhodes22-list] Wally said, "...? ... comments on Obama [Political]
John Lock
jlock at relevantarts.com
Sat Nov 1 11:05:46 EDT 2008
At 09:45 AM 11/1/2008 -0400, Michael D. Weisner wrote:
>It is not unusual to come across a site that does not require CVV/CVV2 to
>authorize a credit card purchase. In addition to splitting the processing
>functions from online POS to offline to speed processing on very busy
>servers, one of the most popular open source e-commerce designs, OSCommerce
>(www.oscommerce.com), did not utilize full credit card authorization
>functions unless using a payment gateway. Check out the discussions that
>are still a daily event concerning CVV/CVV2 on their forum.(
>http://addons.oscommerce.com/info/6307 ) My sites have always used every
>fraud prevention capability of the system but not all think this way.
Whether to require CVV/2 or not is ultimately a business decision and
does not imply more or less security nor does it have to be related
to server loading. We have many small business clients who just
don't have the sales volume to justify realtime payment
processing. They prefer to do it offline to save costs and, in fact,
this can be a very secure method.
An example is a conventional storefront that also has a website for
selling their products. They already have a merchant account for the
real store and just have it authorized for "card not present"
processing. They can then process their website sales using their
current payment terminal and skip the gateway fees. In addition,
you've got a human eyeballing the transaction, so if a charge looks
bogus, they can follow up with the purchaser. This is a very secure
and workable solution for many lower-volume web stores.
Cheers!
John Lock
~~~~~~~~~~~~~~~~~~
s/v Pandion - '79 Rhodes 22
Lake Sinclair, GA
~~~~~~~~~~~~~~~~~~
More information about the Rhodes22-list
mailing list