The purpose of various terminal prompts (and why you shouldn’t skip them)

by Neil Moncrief on June 9, 2009

If you use a credit card terminal, and you’ve had it reprogrammed in the past year or two, you may have noticed some new steps were added to the checkout process. In these steps, the terminal may prompt you to enter additional information about the card or transaction. Unless you understand the purpose of these steps, you may see them as a waste of time and even be tempted to skip over them altogether. But doing so would be a mistake! In this post, I’ll explain the four most commonly used security features found on credit card terminals.  I’ll tell you what information your terminal is requesting and how it benefits you to supply that information.

  1. Zip Code and/or Street Number – This information is usually requested when you hand-key a transaction received by phone, mail, or online. When you enter the card number and submit the authorization request, the address information, along with the dollar amount, is sent to your customer’s card issuing bank for approval. Banks that participate in the Address Verification Service (AVS) will compare this information to their customer files to ensure you have spoken with the actual cardholder. (The theory is that bad guys shopping with stolen credit card numbers won’t have access to the address and zip code.) Skipping this step adds unnecessary risk, and will probably result in the transaction being downgraded. In other words, the acquiring bank (represented by your credit card processor) will charge you a higher rate because you made the transaction riskier than it would have been otherwise.
  2. Enter the Last 4 Digits of Card Number – You may have seen this security feature and thought it was a waste of time if no one explained the importance of it. Stolen credit card numbers cause problems for banks and merchants alike, but the problem used to be limited to stores that accepted orders by phone, mail, or online. But now, bad guys can buy equipment allowing them to erase and re-record magnetic strips. This means they can steal authentic credit cards, erase them, and reload the cards with data stolen from other people. These respectable looking cards can then be sold on the streets and used in any retail store. To defend against these cards, merchants are prompted to enter the last 4 digits embossed on the card. If the card has been reloaded, those numbers won’t match the numbers on the magnetic strip. The charge will be denied, saving you from a costly chargeback.
  3. Order Number or Market Data – Depending on how your account was set up, your terminal may request an order number when you enter hand-keyed transactions. If you’re prompted for this information, don’t skip it. Doing so may result in the transaction being downgraded. If you prefer, you may be able to speed up this process by entering a single digit (i.e., 1) for every order. Check with your credit card processor to be sure.
  4. CVV or Security Code – The security code or Card Verification Value (CVV) is the most recent addition to terminal security. E-commerce merchants started requesting this information within the past 5 years, and more recently, it has spread to retail terminals. It is only requested in cases where the card is not present, such as mail orders, phone orders, or Internet orders. The CVV is a 3-digit number printed on the right end of signature strips on Visa, MasterCard, and Discover cards. American Express uses a four digit number printed on the front. The theory is that a bad guy shopping with a stolen card number will not have access to the CVV, since these numbers can’t be printed on receipts, monthly statements, etc. Requiring your customer to have the physical credit card in-hand to place an order with your store reduces your risk of fraud and helps protect you against costly chargebacks.

As time passes, credit card processors and card issuing banks will continue to introduce new features to combat fraud. Their goal is to protect everyone involved in processing credit cards, including you, the business owner. Using these features protects your business and lowers your overall costs. If your current processor isn’t doing enough to protect your business, please give me a call. I’d be happy to talk to you.

I’m happy to provide this information free of charge.  If you found it helpful, please subscribe to my RSS feed so you’ll be notified of future posts.  You can also follow me on Twitter, where I regularly post short tips.  I promise to never spam you or pressure you.  Please forward this to your friends in business, and feel free to rate my post or leave a comment so I’ll know how to improve. Thanks!

Leave a Comment

Previous post:

Next post: