Staff
Matt_White
Posts: 9
Registered: 02-19-2010
0

Fraud Prevention Tools Series - CVV

The Card Verification Value or Card Security Code (or Card Verification Number) is the 3- or 4-digit number on a credit card which is designed to confirm that the person attempting a transaction is in physical possession of the card. There are a number of different names for this code which are largely brand-specific. The CVV is commonly called CVV, CVV2, CVN (Card Verification Number), CID (Card Identification - Amex and Discover), and CSC. There are other terms that will occasionally appear, as well, but they are less common. The number itself must never be stored, though the result of the CVV verification may (and probably should) be stored.


It is extremely common for merchants to reject transactions with a CVN "No Match." After all, why bother checking the number if you ignore the result? It is a business decision, however, whether to allow cards that don't support CVV (not all merchants are eligible to verify CID/CVV with American Express - after the AMEX CAPN initiative, which, among other things, added a CVV reply code to Amex, I started to observe the "P" response code for transactions where the merchant was not set up, though there may be other reasons for this code). Since Visa mandated CVV for credit and debit cards starting in 2001 and MasterCard mandated it starting in 1997, it should not be a problem for those brands.

 

HOWEVER, bear in mind that the CVV can get worn off over time, so give your customers a few tries - we recommend 3 - to get their number right. After three tries, message to the effect of "we see you're having a problem processing payments, please call our support group at (XXX) XXX-XXXX to sign up." At this point, you'll want to push the customer to an alternative verification channel. For example, suggest that they contact their credit card company for a new card, or require a signed verification document.

 

Don't merely assume that because they are calling they are a legitimate customer having issues with the number; you will still want to treat them like an "unknown" (or a "hostile," depending on your policies) because fraudsters have realized that they are not expected to call in, so they have started to call. I worked with a client in the past where fraudsters figured out the support coverage (the client has 3 call centers dispersed through the western hemisphere), and began timing their calls so that they would be routed to the center where they had the most luck pushing orders through. At another client, an online dating site, CVV was not being required for one of the less common card types due to a coding error, and the client had almost 50% of their payments coming in on that type, which normally would have made up substantially less than 10 percent of the mix. Remember, if there's a hole in your fraud strategy, you can count on it being exploited. CVV is such a low-hanging fruit that it should be utilized for initial and other online transactions unless there is a very strong reason to the contrary.

 

Source(s)

Card-not-present Fraud Control Basics

Merchant Services: Fraud Solutions from American Express
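
The handling described in the post above, as an added example (not code from the original post or from any processor's SDK): reject on No Match, require CVV for every brand, allow three tries before escalating, and store only the verification result. The single-letter reply codes are the commonly used CVV2 result codes and are an assumption here, as are the hypothetical `CvvGate` class, its fields and the sample customer and brand names.

```python
from dataclasses import dataclass, field

MAX_CVV_TRIES = 3  # the number of attempts the post recommends

# Assumed CVV2 reply codes; confirm the exact set against your processor's spec.
MATCH, NO_MATCH, NOT_PROCESSED, NOT_PROVIDED, UNSUPPORTED = "M", "N", "P", "S", "U"


@dataclass
class CvvGate:
    allow_unsupported: bool = False                # the business decision from the post
    failures: dict = field(default_factory=dict)   # customer_id -> failed tries so far
    audit: list = field(default_factory=list)      # stored results, never the CVV itself

    def decide(self, customer_id, card_brand, cvv_entered, result_code):
        """Return 'accept', 'retry' or 'escalate' for one authorization reply.

        cvv_entered is a bool (was a code submitted?), not the code itself.
        """
        if self.failures.get(customer_id, 0) >= MAX_CVV_TRIES:
            # Already out of tries: stay on the alternative verification channel,
            # even if a later attempt comes back as a match.
            decision = "escalate"
        elif not cvv_entered:
            # No per-brand exemption: a brand that skips CVV is the hole
            # described in the dating-site anecdote.
            decision = self._fail(customer_id)
        elif result_code == MATCH:
            self.failures.pop(customer_id, None)
            decision = "accept"
        elif result_code in (NOT_PROCESSED, UNSUPPORTED) and self.allow_unsupported:
            decision = "accept"
        else:
            # NO_MATCH, NOT_PROVIDED, unknown codes, or unsupported when not allowed.
            decision = self._fail(customer_id)
        # Persist the verification result and the decision only.
        self.audit.append({"customer": customer_id, "brand": card_brand,
                           "cvv_result": result_code, "decision": decision})
        return decision

    def _fail(self, customer_id):
        tries = self.failures.get(customer_id, 0) + 1
        self.failures[customer_id] = tries
        return "escalate" if tries >= MAX_CVV_TRIES else "retry"
```

Grouping the `audit` records by `brand` also gives the card-type mix, which is where a skipped CVV check on one brand would show up as an unusual share of payments.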

Staff
sklebe
Posts: 2
Registered: 03-05-2010
0

Re: Fraud Prevention Tools Series - CVV

Just caught this in a Chase Paymentech news blast - "... Each Payment Brand has their individualized version of Card Security Code verification and Visa Europe now requires it for all CNP authorization requests." So, it is no longer optional for merchants taking orders from the European region; they must verify CVV.

Staff
Matt_White
Posts: 9
Registered: 02-19-2010
0

Re: Fraud Prevention Tools Series - CVV

Thanks Steve, is that effective immediately?