Hi @ERHAB,

Nick here from Shopify. Great questions! 

There are a number of different ways and questions you can ask the customer when you contact them to verify the validity of the order:

• Call the number on the order
• Search for the email address
• Verify the addresses (I see they are different here, but if the customer can verify them it would be hugely helpful). 
• Verify the IP address

Shopify has a helpful guide with more information on this too which you can find here. It would be up to you to decide whether or not to accept the order though. My take is, if you aren't comfortable or sure about it, then I wouldn't accept it, but everyone is different and it is ultimately up to the store owner. 

Regarding your question on the CVV number. There is another Shopify help guide which you can read here that has a note about CVV numbers which can be seen below: 

Not all banks support AVS and CVV security checks. When it's enabled, AVS and CVV fraud filters apply only to orders where the customer's card-issuing bank supports these checks. If a bank doesn't support AVS or CVV security checks, then the order is processed, but the security check isn't flagged as a risk indicator in the risk analysis tool.

I wonder if this could be the case for this order? 

Thanks, Nick

Hi @ERHAB ,

Welcome! And great question.

The CVV is the last 3 digits on the back of the credit card. It's used as a secondary verification method so knowing the digits on the front of the credit or debit card isn't enough to prove ownership.

From my understanding, the CVV code is not always required. There are some transactions that aren't required to accept a CVV. Think of purchasing gas for your car at a gas station. They ask you for your ZIP code, but not your credit card's CVV.

In this case, Shopify is just telling you the CVV wasn't prompted for this transaction, therefore that additional verification piece is missing. 

• Unavailable == not prompted to the customer
• Incorrect == prompted to the customer & the customer provided an incorrect CVV

Shopify offers 2 different ways to add additional verification to help prevent fraud. CVV is one, AVS is the other.

To enable either, follow these directions:

1. In the Shopify Payments section, click Manage.
2. In the Fraud prevention section, check the options that you want to use to automatically decline charges.
3. Click Save.

You can read more about these methods in detail at this page: https://help.shopify.com/en/manual/payments/shopify-payments/configuring-shopify-payments

Hi Dylan, thanks for your answer. The option to deny non-CVV-verified payments was already activated. How come the customer was still able to place an order without CVV?

It turns out that we got this message in the fraud analysis system because the person had ordered with Klarna invoice. Quite ridiculous that this leads to an increased fraud risk in the system since no CVV code is required when paying with invoice.

I had this issue too. Billing address & zip matched but it said CVV unavailable and marked as "Low Fraud Risk". I am unfamiliar with the way Klarna works, but is a customer able to use it for any online store, even if the business is not associated with Klarna?

Thanks!