Security Code No-Match Filter

The Card brands implemented the 3- or 4-digit security code to act as a verification that the person ordering your product or service in a card-not-present environment has physical possession of the card. Visa calls the code CCV2; Mastercard refers to it as CVC2 and American Express and Discover use CID. While this validation can be a useful anti-fraud tool, typically, many issuing banks do not decline the transaction based upon a failure to match the security code. Declining the transaction is left to the discretion of the merchant.

Since American Express declines the transaction when the security code does not match, the Security Code No-Match filter does not apply to American Express transactions. Transactions declined by American Express for a failure to match the security code use the Response Reason Code of 352 - Decline CVV2/CID Fail.

Similarly, if Visa, Mastercard, or Discover decline a transaction based upon the security code results, Worldpay does not apply the filter and the transaction response contains the 352 Reason Code.

If you elect to use the Security Code No-Match Filter Service, the system takes action only if the issuer approves the submitted authorization/sale transaction, but includes a no-match code for the CVV2/CVC2/CID card validation check. In this case, the Worldpay declines the transaction with a Response Reason Code of 358 - Restricted by due to security code mismatch. The system also issues an Auth Reversal transaction on your behalf to remove the funds hold on the account.