On Sat, Jun 9, 2012 at 7:14 AM, Joel Maslak <jmaslak@antelope.net> wrote:
That said, the purpose of CVV is to stop *one* type of fraud - it's to stop a skimmer from being able to do mail-order/internet-order with your card number. The CVV is not on the magnetic strip, so a skimmer installed at the ATM or gas pump won't be able to capture it.
No, it's to stop more than one type of fraud - however your point is correct in that it's not designed to stop *all* fraud, it's just one of many layers of prevention. In addition to the one you've mentioned, the CVV2 also stop the card being fraudulently being used in any situation where the card number has been leaked, such as a database of card numbers being hacked, a receipt with the full number on it (rare if at all existent these days), etc. The rules on CVV2 numbers basically say that the number can never be recorded by the merchant after the transaction has been processed, which pretty much means that they can't store it at all in any form. If a database is hacked, the CVV2 number will not be there. Scott