Hacker News new | past | comments | ask | show | jobs | submit login

It's pretty standard among ecommerce companies to store the CVV code though, isn't it? Amazon, PayPal, and Google Checkout all do.



No. It's not allowed. However, you usually don't need to send over the CVV code to make a transaction if previous transactions have been made to that mid.

At the same time, Visa and MC make up their own rules, and Amazon, PayPal, and others could have their own agreements.


Ah the subsequent-transactions thing must be it then. I know I've only had to enter my CVV the first time I've used most online shopping sites, so I assumed they just stored it.


Indeed, you don't need to do it ever. I don't take CVV codes, nor does 37 Signals.




Consider applying for YC's Summer 2025 batch! Applications are open till May 13

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: