Robert Kisteleki wrote: > (this is probably OT now...) > > > I'm pretty sure the "entire point" of inventing CVV was to prove you > > physically have the card. > > Except that it doesn't serve that purpose. Anyone who ever had your card > in their hands (e.g. waiters) can just write that down and use it later > hence defeating the purpose of "physically having the card".
But waiters don't know your ZIP code which is the other thing needed for online verification (in the U.S.) 3D Secure is good enough. It will probably be mandatory for payment processors sometime in the future. In the meantime, it just costs the industry less to cover fraud losses. -- S.C.
