Visa Checkout uses a combination of proprietary and third-party technologies to implement fraud checks while processing transactions on your behalf. These checks provide account validations on all Visa Checkout accounts when the:
- Account is created or accessed.
- Customer logs in to Visa Checkout.
- Card is associated with the account, updated, or used in a transaction.
Visa Checkout Fraud Checks
Examples of fraud checks include device and IP data checks, velocity, address verification (AVS), and card number verification (CVN or CVV) results from the card issuer, enrollment attributes, Visa Checkout transaction history, and Visa internal fraud checks. Specifically, for every card added to a Visa Checkout account, regardless of card brand, Visa Checkout performs a validation procedure before passing the card information to a merchant. This validation procedure includes an AVS check (Address Verification) and a verification of the CVN or CVV number. A full or partial match is required for Address Verification and a match or unsupported response is required for CVN.
Risk declines are the responsibility of the card issuer and the merchant. Visa Checkout does not decline transactions at a transaction level, except in extreme circumstances. For example, when an account is disabled due to suspicious activity or a government sanctions list match.
AVS & CVV Responses
Visa Checkout does not use the AVS or CVV code, however, if the merchant requires it, Visa Checkout will still process the transaction.
Card Security Code Usage
Visa Checkout performs a verification of the Card Security Code for each card used for a Visa Checkout transaction or passed to a merchant for processing. Similar to a "card on file" scenario, the validation can be performed once, without reverifying the Card Security Code during each use of the card.
You are encouraged to implement risk management best practices for Visa Checkout transactions as you would for any other eCommerce transaction. Because the Card Security Code is validated for the Visa Checkout payment method being used, a historical “match” response should be assumed.
Currently, card brands supported by Visa Checkout do not downgrade interchange based on the absence of a Card Security Code for "card not present" transactions. You should check with your acquirer or processor to determine whether they have any policies or fees specific to your contract, related to authorizations that do not contain a Card Security Code.
Typically, the Card Security Code in a response is optional information that can be included in a re-presentment. However, whether a Card Security Code is required to reverse a particular chargeback may depend on the card brand. Merchants are encouraged to speak with their acquirer to understand the chargeback re-presentment rules and reversal criteria for a specific card brand.