Make sure the customer can provide the name on the card, the billing address, card number, expiration date, and the CVV code on the back of the card.
Whether you process on a virtual terminal or on a physical terminal, you should always request card information when keying in transactions. Virtual terminals have safeguards in place to protect you against information mismatch with the issuing banks. Even physical terminals provide the ability to enter in specific card information such as billing address and the CVV code on the back of the card.
Name on the Card
The name on the card must match the cardholder’s name to reduce the chances of fraudulent transactions. The error message "MISSING:billing_address.first_name" on virtual terminals means the name entered does not match the card holder’s information with the issuing bank.
The billing address provided must match the billing address on file with the issuing bank. Virtual terminals have a safety net in place where if the billing address entered does not match the billing address on file with the issuing bank you will receive a street address and postal code do not match error. This error is to protect you against fraudulent transactions.
Each number plays a crucial role in identifying the card provider, bank, and account information, as well as providing a security check.
Every card, no matter the network or bank, must be in agreement with the Luhn System which determines the validity of a credit card. It's a mathematical algorithm where various combinations of numbers must add up to a number ending in 0. If the total of the combinations adds up to anything other than a multiple of 10, the card is invalid.
If the card number entered into the virtual terminal does not match what the issuing bank has on file you might receive errors like "The credit card number is invalid" or "Card No. Error."
The inclusion of expiration dates on credit cards is mandated by fraud prevention agreements between card issuers and card networks (e.g. Visa, MasterCard), as they give payment processors one additional piece of account data to cross-check and verify, thereby exponentially decreasing the ease with which criminals can use stolen credit card numbers (which are much easier to come by than expiration dates) to make unauthorized transactions online or over the phone.
When processing on your virtual terminal you might see the error "Expiration Date is Invalid" if the expiration date on the card has expired.
With Fattmerchant, you will be notified if any of the payment methods you have on file for your customers are about to expire.
A credit card’s CVV acts as another line of security against fraud. The CVV, or card verification value, can also be referred to as the CSC, or card security code. These numbers serve as one of the most important anti-fraud measures for a credit (or debit) card, especially with the rise of virtual transactions. So when you make a transaction online or over the phone, asking for the CVV helps ensure that the purchase is legitimate and authorized.
When you use your card in person, retailers can check your ID to make sure you’re the cardholder. But merchants can’t do the same when you make an online purchase. Instead, the CVV serves a substitute for personal identification. Plus, your card carrier can verify your card’s unique CVV in the event verification is needed.
When processing through your virtual terminal you might see the error DECLINED DUE TO CCV2, CVV does not match or INVALID CVV DATA if the bank is reporting the CVV entered does not match what they have on file for that credit card.
Reminder: There are several errors you can receive when keying in card information. Most of the time these error messages are coming from the bank to let you know if something is not matching with the card on file. Instead of trying to decode the messages click to view a list of error messages you can come across within the virtual terminal.
Tip: Use Verified by Visa & MasterCard SecureCode
One more step to prevent fraudulent online purchases is to take advantage of Verified by Visa or MasterCard SecureCode — both programs that require customers to enter a password when using a card online.
For more information on best practices when accepting cards please go here.