top of page


Requiring customers to provide the card security code at checkout will reduce fraud attempts, but can also cause a decline in sales conversion.


Requiring customers to provide the card security code at checkout will reduce fraud attempts, but can also cause a decline in sales conversion.

The card security code is a tool for merchants to verify that the consumer is in possession of the card. This helps to prevent fraud in which the fraudster may have acquired the credit card number in the trash or online, but is not in possession of the physical card so they cannot give this extra set of numbers. However, adding this step to the checkout process has shown to cause a nominal reduction in sales conversion, but how severe are the consequences?


Get Elastic eCommerce Checkout Report Webinar Presentation Slides - Presentation slides from The eCommerce Checkout Report webinar by Elastic Path and Netconcepts

Card Security Schemes - Discussion of card security schemes, such as the CVV2 number, in the Fraud Library



Provides participants foundation level knowledge about the theories, best practices and terminology surrounding electronic payment fraud. Presented in a standard format covering the history of eCommerce Fraud, consumer fraud, merchant fraud, fraudster motivation, fraud trends, identity verification and phishing.


A Understanding and Conveying Impact of Fraud Controls on Consumer Experience and Sales Conversion.

I have to say up front that I actually find this hard to believe, and I cannot say I have ever seen or heard this from sites I was working with. According to the eCommerce Checkout Report, conducted by Elastic Path, and presented by Jason Billingsley, on the Internet's Top 100 Online Retailers merchants, merchants that did not make the card security code entry required were able to achieve a 40% higher conversion rate.

I find this figure hard to understand, since I have worked with a number of retailers over the years in their effort to implement the card security scheme, and the drop off in sales conversion that I saw in these cases wasn't anywhere close to this figure. In fact all of these sites only experienced a temporary rubber-band drop off, with sales conversion coming back in-line in less than a 3 to 6 month timeframe. I might have found it conceivable if we we talking about the year 2001, but this survey is relatively recent, Feb 2007, so the program has been in operation for years now.

Why should you care? Well if this is the reality of the program, than e-merchants are going to lose money regardless of what they decide to do with the card security code. If you don't collect this information and pass it along with your authorization than you pay a higher discount rate for the transaction.

Additionally you lose whatever fraud prevention uplift this program was designed to provide; meaning you pay more money in fraud or fraud screening. If you do decide to implement and require the card security code, and these findings are accurate, than according to the eCommerce Checkout Report you are going to lose a significant portion of your business.

If these findings are accurate, e-merchants should be banging down the doors of the Associations to make some changes NOW. DEMANDING recourse! Wait a minute, why aren't merchants already complaining about this? Why haven't we seen a mass exodus to take the card security code scheme off of their websites? Hmmmm, interesting...maybe it would be prudent to investigate this further...

The webinar is no longer active at the getelastic blog, but I have provided a link to the eCommerce Checkout Report presentation slides, I do recommend checking it out. The eCommerce Checkout Report is from Elastic Path and was done in 2007. The main subject of the report was "These are a few of the 23 tactics we evaluated as we studied the checkout process of the Internet’s Top 100 Online Retailers."

bottom of page