CVV check

The card verification value (CVV) appears on credit and debit cards. It is a three-digit number on Visa, MasterCard and Discover branded cards, and a four-digit number on American Express cards. Running a CVV check adds an additional layer of fraud protection to your payments.

As standard, our payment gateway requires merchants to include the payment card's CVV when sending a payment with either a card token or full card details.

The CVV is not required when sending a payment with source ID or a default card, but you still have the option of adding the CVV if you wish. However, when you include the CVV in a request, it is subject to verification – if it does not match, the request will fail.

Looking to change your default CVV configuration? No problem! Your customer success manager can arrange this for you.

CVV check configurations

There are two possible configurations for using the CVV check in your payments: CVV required and CVV optional.

CVV required

If the CVV is required, you must include it for all payment request types, except for those using a source ID. If the payment contains incorrect or missing CVV information, the request will fail.

Creating a customer or adding a card? (CVV required) You are required to include the CVV. If you don't include it, you will receive an invalid CVV response.

CVV optional

Where the CVV is optional, you can send any type of payment request with or without the CVV. However, if you include the CVV in a payment request, it will be subject to verification. If it's incorrect, the payment will not be successful.

Creating a customer or adding a card? (CVV optional) You are not required to include the CVV. But if you do include it, it will be subject to verification checks.

Can we help?

Thanks for using If you need any help or support, then message our support team at [email protected].

Updated 11 months ago

Find out more

CVV codes

CVV check

Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.