Sign in
An image of the Stripe logo
Create account
Sign in
Home
Payments
Business operations
Financial services
Developer tools
No-code
All products
Home
Payments
Business operations
Home
Payments
Business operations
Financial services
Developer tools
Overview
Fraud detection
    Overview
    Risk evaluation
    Risk settings
    Reviews
    Lists
    Rules
    Radar Session
    Testing
    Integration
    Disputes and fraud
      How disputes work
      Responding to disputes
      Dispute withdrawals
      Fraud prevention
        Identifying fraud
        Types of fraud
        Card testing
        Verification checks
        Best practices
        Advanced fraud detection
      Measuring disputes
      Disputes on Connect
      Monitoring programs
      High risk merchant lists
    Analytics
Stripe data
Financial reports
Payment authentication reports
Revenue recognition
Startup incorporation
Climate
Identity
Tax
Financial Connections
Account
Dashboard
Radar
·
HomeBusiness operationsFraud detectionDisputes and fraudFraud prevention

Card verification checks

Learn how to make use of card verification checks to protect against disputes and fraud.

When a card payment is submitted to a card network for authorization, Stripe provides the CVC, postal code, and billing street address for them to verify (if you collected these from the customer in your checkout flow). The card issuer checks this against the information they have on file for the cardholder. If the provided information doesn’t match, the verification check fails. A failed CVC or postal code check can indicate the payment is fraudulent, so review it carefully before fulfilling the order.

Each Charge object includes the verification response as part of its source attribute. You can also find the verification results in the Dashboard when viewing a payment.

If no information is collected, the card issuer can’t perform a verification check. Collect the CVC, postal code, and billing address for every payment to avoid this issue. The results of verification checks help improve the detection of fraudulent activity.

Card verification code check (CVC)

The CVC (also referred to as CVV) is the three- or four-digit number printed directly on the credit card, usually on the signature strip or the front of the card. Radar includes a rule to block any payments that fail the CVC verification check, which you can enable or disable within the Dashboard (this doesn’t affect payments where the CVC check couldn’t be performed).

You can perform CVC verification by providing the CVC value either when you create a payment with a new card payment method, or when you attach a new card payment method to a customer. To re-verify the CVC on a previously saved card, refer to the integration guide on CVC recollection.

In general, only cardholders in physical possession of the card should have access to the CVC number. Businesses are not permitted to store the CVC number, so it’s unlikely that a fraudster can obtain this information through a computer breach. However, CVC verification doesn’t protect against the physical theft of a card, nor card information being used on a computer or website that isn’t secure.

Address verification (AVS)

Address verification (AVS) checks two pieces of information, the postal code and the billing street address. AVS checks determine whether this information matches the billing address on file with the card issuer. Radar includes a rule to block any payments that fail postal code verification, which you can enable or disable within the Dashboard.

If enabled, these address checks can fail on legitimate payments in some situations. For example, a customer entering their address incorrectly or moving and not updating their address with the card issuer could cause the address check to fail.

Support for both types of AVS checks varies by country and card issuer (for example, certain countries don’t use a postal code or some card issuers don’t support street address verification). However, street address verification is commonly supported for cards issued in the United States, Canada, and the United Kingdom.

See also

  • Best Practices for Preventing Fraud
  • Types of Fraud
  • Identifying Fraud
Was this page helpful?
Need help? Contact Support.
Watch our developer tutorials.
Check out our product changelog.
Questions? Contact Sales.
Powered by Markdoc
You can unsubscribe at any time. Read our privacy policy.
On this page
Card verification code check (CVC)
Address verification (AVS)
See also
Stripe Shell
Test mode
Welcome to the Stripe Shell! Stripe Shell is a browser-based shell with the Stripe CLI pre-installed. Login to your Stripe account and press Control + Backtick on your keyboard to start managing your Stripe resources in test mode. - View supported Stripe commands: - Find webhook events: - Listen for webhook events: - Call Stripe APIs: stripe [api resource] [operation] (e.g. )
The Stripe Shell is best experienced on desktop.
$