undefined | Better HN

0 pointse28eta2y ago0 comments

They might not need CVV, if the transaction looks “good” otherwise:

> A payment can still be successful even if the CVC or postal code check fails. This is because card issuers take many signals into account when making a decision about whether to approve or decline a payment. In some cases, a card issuer may still approve a payment they consider legitimate, even if the CVC or postal code verification check fails.

source: https://stripe.com/docs/radar/rules#built-in-rules

0 comments

js22y ago

:-(

I recently went through the opposite of this. A purchase at denon.com was declined, got a "please verify" email from my issuer which I approved and re-did the purchase. My issuer authorized the payment the second time, but then it got held up by NoFraud who sent me their own "please verify" email which I did. I had used an iCloud Hide My Email address for the purchase so a day later I get another email from NoFraud:

> Thank you for confirming your recent order. We are the fraud solution for the merchants website. We flagged the order for additional review before we notify the merchant to process it. To complete the verification for approval, we require an alternate email address for the cardholder. Please respond with an alternate email address.

At that point I tracked down NoFraud's phone # and called them to finally get the transaction approved.

techsupporter2y ago

> I had used an iCloud Hide My Email address for the purchase so a day later I get another email from NoFraud

I got hit by a merchant using "NoFraud" as well. After making an order from the merchant's site, using Apple Pay on the web (which is, allegedly, rather hard to fake), I received an email saying my order was canceled as it "appears that a merchant-specific email address was used" and to "please resubmit the order using your personal contact details".

They were right, because I always use [merchantname]@subdomain.mydomain.com. Whatever it was couldn't have been that important because I didn't bother redoing it if they're going to be that picky.

(I can't find the purchase confirmation and subsequent email in my email, probably because I deleted it out of annoyance, so I'm not naming who I think I remember it being just in case I'm wrong)

huslage2y ago

as if Email is some sort of durable identifier in the first place.

1 more reply

j / k navigate · click thread line to collapse