Card ID Verification Settings (CVV Rules)
The Card ID Verification Settings page lets you control how the Gateway handles transactions based on CVV (Card ID) results returned by the card issuer.
These settings allow you to:
- Set rules per processor
- Apply separate rules for US vs non-US transactions
- View a history log showing when changes were made and by whom
Note: Card ID Verification rules apply only to eCommerce and MOTO (keyed) transactions, not card-present transactions.
Common CVV Rules
- Reject if CVV is missing or not processed (US)
Blocks transactions when a CVV is not provided or the issuer does not process it. This is commonly used to require CVV on all keyed transactions. - Reject if CVV does not match (US)
Blocks transactions when the CVV was provided but does not match the issuer’s records. This helps reduce fraud and card-testing activity.
Less Common CVV Responses
Additional options may appear for cases where:
- CVV should be present but the issuer did not indicate it
- The issuer is not certified or did not provide an encryption key
These scenarios are rare, and most merchants rely on the first two rules.
Saving and Reviewing Changes
After selecting your rules:
- Click Save
- Open History to review when changes were made, which rules were added or removed, and which user made the update
Video Walkthrough
Watch the video below for a full walkthrough of configuring Card ID (CVV) Verification Settings and reviewing rule history in the EPD Gateway: