Join the Community

22,042
Expert opinions
43,974
Total members
375
New members (last 30 days)
176
New opinions (last 30 days)
28,689
Total comments

Guidelines for Merchants re writing down of Security Code?

The other week in a single day I completed 4 Charitable Donations forms where in 2 instances the paper form only asked for Cardnumber & Expiry Date, whilst in the other 2 instances they also asked for the Security Code to be written down.

In the latter instance, one of the forms was subsequently returned to me as it was incomplete. If that had been intercepted or discarded then there would be scope for mischief/fraud/identity theft? Is there any regulation that says they should not be doing this?

I'm fully aware of the PCI rules regarding storage of such data, this issue is to do with simply recording it on paper and entrusting it to the Royal Mail. 

I polled a rival PCI Industry forum 2 weeks ago, and I've received no responses. 

Perhaps its no wonder that Merchants don't know what to do, if the members of such PCI groups haven't seen fit to inundate me with responses? But if some Merchants can process the transaction without Security Code, why should others have to ask for it - we're talking about sums less than £50.

So I thought I'd ask the same question of the esteemed Finextra community - don't let me down!

External

This content is provided by an external author without editing by Finextra. It expresses the views and opinions of the author.

Join the Community

22,042
Expert opinions
43,974
Total members
375
New members (last 30 days)
176
New opinions (last 30 days)
28,689
Total comments

Trending

Now Hiring