This article covers CVV code handling for recurring payments in the legacy Forms Manager, including why PCI standards prevent CVV storage on subsequent transactions and what payment gateways must support.
💡Quick answers
- Why do recurring payment gateways need to accept transactions without a CVV? PCI data security standards prohibit storing CVV codes, so any gateway processing recurring transactions must be configured to accept payments that don't include the CVV code.
- Is the CVV code collected on the first recurring payment transaction? Yes, the CVV code is collected along with billing information on the initial subscription transaction, but it is not included in subsequent automated charges.
- Does this CVV disclaimer apply to the new Forms product? This article addresses the legacy Forms Manager product; the new Forms module is Finalsite's recommended current product for forms and payments.
- What happens if a payment gateway requires a CVV for every transaction? Recurring transactions will fail because subsequent charges are sent to the gateway without a CVV code, so the gateway must be configured not to require one.
This article refers to our legacy product, Forms Manager. For the best Finalsite experience, we recommend using our newest product, Forms, which is already available to you in your modules list. To learn more, please review "Which forms module do I have: New Forms or Legacy Forms Manager?"Â
Any gateway used to process recurring transaction must be configured to accept transactions which do not include a Card Verification Value code (also referred to as CVV, CVV2, CVC2, or CID).
When customers subscribe to a recurring payment plan and submit their initial transaction their card's CVV code will be collected (along with other billing information) and sent to the gateway for validation. Subsequent, automated recurring transactions will not include the CVV code with the rest of the billing information sent to the payment gateway due to PCI data security standards that prohibit the storage of CVV codes. Â Therefore, to ensure your gateway is capable of processing recurring transactions, the CVV code cannot be required to process credit card transactions.Â
Comments
Please Sign in to leave a comment if you don't see the comment box below.