Blogs > How does Dynamic CVV work, and how does it improve transaction security?
04 January –

How does Dynamic CVV work, and how does it improve transaction security?

Does Dynamic CVV live up to its hype and reduce the possibility of card fraud? Pismo investigates

Alexander Hamilton
4 min

In recent years, consumers have increasingly turned to online and mobile-based shopping, purchasing everything from their groceries to the latest gadgets from the comfort of their homes. With this rise in e-commerce, consumers are exposing themselves to a new type of fraud.

Theft of card details now means fraudsters can make purchases without merchants seeing the physical card itself. To help prevent this, merchants require a card verification value (CVV). Almost everyone has seen this three–digit code on the right side of a card signature strip.

Card issuers authorise a CVV at checkout and validate it against their records. Merchants receive an authorisation or decline message in return. Despite the implementation of this extra layer of security, criminals have adapted. 

They can still make fraudulent payments using malware, images of cards, or by stealing physical cards from owners. Whole ledgers of card details – including CVVs – are listed and sold in online black markets.

Card not present (CNP) fraud has boomed in the past few years. Every US dollar lost to fraud costs retailers and banks four times more to recover from. In the UK, £200 million was lost to CNP fraud in the first six months of 2022.

Enter Dynamic CVV

Dynamic CVV is a technology designed to make online and in-store payments more secure and prevent fraudsters from making recurring payments using card information. 

Traditional CVV codes are static and remain the same for the entire lifespan of a card. If a fraudster gains access to those details, they can make purchases for as long as they go unnoticed. 

Dynamic CVVs change the game. Using this method, the three-digit number changes at regular intervals. This means a stolen card becomes unusable online – sometimes in as little as 20 minutes. Société Générale Head of Card and Digital Services, Julian Claudon, says the rate of fraud for the bank’s Dynamic CVV cards is “almost zero”.

Extra revenue, more effortless experience

Batteries powered the first versions of dynamic cards. They had a lifespan of between three and five years. This meant they (usually) lasted until the next issuance window. Yet these cards are also expensive. Issuance costs can be as high as $15 per card, compared to $3 for regular EMV cards.

Institutions are embracing an alternative way to provide dynamic codes. This involves embedding the functionality into mobile banking applications. Customers log into their app to view their latest CVV, rather than fish through their wallets for cards. Through this, Dynamic CVV technology improves the user experience of paying online or in stores.

Banks also have the choice of deploying dynamic cards alongside their existing portfolio. Some organisations offer subscription services to gain access to Dynamic CVV. Institutions could provide the functionality as a bonus for high-spenders, regular savers, or long-time customers.

As an added bonus, merchants need next to no work. No new processes need to be adopted to accept payments from dynamic cards.

Integrating Dynamic CVV into your card network

Dynamic CVV has the potential to reduce fraud rates and protect customers. Yet banks should understand its drawbacks. Some users dislike inputting a new code for every online transaction. User error rates may increase as those who have memorised old codes input old details.

Some merchants offering recurring payments may also find issues with dynamic codes. Updating details for every transaction stage could increase frustration on both sides. However, most retailers need only one authorisation step to set up regular billing.

Dynamic CVV is an innovative method for reducing fraud and increasing customer satisfaction. Yet it is just one building block in a secure and effective card offering. Organisations must look for providers with leading credentials, market availability, and partnerships.

Pismo provides a wide range of security features for card issuing. We embed security into every aspect of our development cycle. Pismo offers AES 256-bit encryption for data in transit at rest, tokenisation support for all PCI zones, and 24/7 analysis of all audit logs.

Our card platform, built on modular API architecture, can address specific needs across banking and payments. It enables banks to create and launch products to meet almost any customer need – including cards with dynamic CVV.

Want to know more about Pismo’s card-issuing capabilities? Check out our briefing, or speak to our experts.

More Articles

05 September -

What makes a cloud migration successful? Planning

Mariana Yamanaka, Group Product Manager – Migrations
4 mins

30 August -

India’s Fintech Journey spotlighted at Global Fintech Fest 2024

Pismo

29 August -

The digital payment revolution: How UPI and cloud tech are reshaping finance

Pismo
3 mins