Overview about CVV less feature and frequently asked questions
Visa and Mastercard have relaxed the CVV input (card verification value) for processing token transactions. In an effort to make the payment experience frictionless, Juspay is rolling out the CVV-less payments feature for token transactions.
This will provide enhanced user experience by
- Reduction in time spent on payment journey (Retrieval and input of CVV)
- Reduced number of clicks and prevent errors of wrong CVV input
- Up to 3% improvement in success rate
Powered with Juspay SDK, users can enjoy:
- 1-click experience using Juspay Safe
- Native, frictionless payments using Native OTP
Supported Gateways, Card Networks and Issuing Banks
*For PayU and PayTM V2, activation is required from the PG. Please reach out to PayU / PayTM-V2 POC before enabling with Juspay
**Issuing Banks supported for Mastercard:
Steps to enable
Depending on the integration type, following changes might be required :
Payment Page Integration :
Juspay will remove the CVV box for eligible cards. An Over the Air (OTA) update will be required for both Payment Page Web and Payment Page SDK - App integrations to enable this change
Express Checkout Integration :
For App SDK integrations, an OTA update might be required. Support for CVV-less flow will be present for each stored card in the List Card API/SDK response. In the UI, CVV box needs to be removed based on the List Card response, along with a hint message to the user. In the transaction API/SDK call, CVV value need not be passed and the transaction will continue to flow as before
Juspay Java SDK :
Merchants using Juspay’s Java SDK on the server-side will require an update with the latest version 1.2.10
This can be downloaded from MVNRepository https://mvnrepository.com/artifact/in.juspay/expresscheckout/1.2.10
Please check with Juspay KAM or [email protected] to know more details. Availability of this feature is subject to having at least one CVV-less supported gateway configured in Juspay Dashboard, and the gateway enabling support for Merchant ID
1. What is CVV?
CVV is the 3 or 4 digit value, usually present at the back of the card, that is used as a form of establishing the card holder’s identity in card number based transactions
2. What is the CVV-less feature?
For token based transactions, CVV value is no longer needed by Card Networks and Issuing Banks. This feature enhances the user experience by allowing saved card payments without entering the CVV value. Other than avoiding to collect/enter the CVV value, the payment flow remains the same
3. What is Tokenization?
Tokenization is the process by which the card number is replaced with a surrogate value called Token. This token is scoped to a Merchant, Customer and Token Requestor ensuring a more secure payment experience
4. Isn’t CVV a security feature? Does this feature compromise the card holder’s security?
No; An OTP is still required to authenticate the CVV-less transaction. The card token is generated against the card using user consent, CVV and OTP from the customer, with the scope of merchant, customer and token requestor. With this card token, subsequent transactions with cvv-less feature provide enhanced security without having customers enter the cvv again. This feature is secure and 100% compliant with RBI guidelines
5. Is there a limit on the transaction amount with this feature?
No, there is no limit on transaction amount enforced because of this feature. Card holders can make the payment up to the limit prescribed by existing constraints like Card Limit, Account Type, etc.,
6. Does this feature work for guest checkout journeys?
No, the CVV field is made optional only for tokenized transactions. For new user checkout and repeat checkouts using the Card Number (PAN based transactions), CVV is mandatory. In case the CVV field is not included for these checkout journeys, transaction will fail
7. Do all cards support this feature?
CVV-less flow is the latest feature, and is gaining adoption. The availability of this feature is contingent on support by Issuing Banks, Card Networks and Payment Gateways. Currently, all VISA and select MASTERCARDs are supported. This feature will be extended to more Issuing banks, Card Networks and Payment Gateways in the coming days
8. Are DOTP (or Native OTP) and CVV-less both the same?
No, both are independent features and are aimed to enhance customer experience. DOTP is the enhanced authentication experience, and CVV-less will work regardless of DOTP support. Also, CVV-less feature will not impact any existing features of Juspay including Juspay Safe, Subscriptions, Offers, EMIs, etc.
9. Are VISA 1-Click and CVV-less the same?
No. VISA 1-Click is aimed to allow transactions without entering CVV value and OTP for transactions up to INR 5000 and is currently halted. CVV-less feature is simply the existing payment flow using tokenization - but without CVV. There is no limit on maximum transaction amount, and still continues to verify the identity using an Additional Factor of Authentication (Usually OTP)
Updated 1 day ago