Reject Transaction If Card Code value...
Does NOT Match (N)
Is NOT Processed (P)
Should be on card, but is not indicated (S)
Issuer is not certified or has not provided encryption key (U)

What is the best settings to use to be most flexible, yet secure?

You probably should've just made this part of your other thread (http://www.webhostingtalk.com/showthread.php?s=&threadid=332575)... This is up to you of course. Do you want to accept cards without the customer providing a card code when they should or not?

Originally posted by Dan Grossman
You probably should've just made this part of your other thread (http://www.webhostingtalk.com/showthread.php?s=&threadid=332575)... This is up to you of course. Do you want to accept cards without the customer providing a card code when they should or not? Hi Dan,

I guess that's one of my questions. Will setting anything on this page reject the transaction if the card code is not provided? Ie: Recurring transactions?

In my software, it is the software/order form that requires the card code.. but sometimes I might want to manually enter a transaction and I won't have the card code, etc..

Or are the settings on this page just applicable when a card code is actually present in the transaction. (ie: if no card code, then ignore the settings..)

thanks!

Read over the options again because some of your questions are self-explanatory. As for manually entering transactions, AVS/CVV2/etc settings are ignored by the virtual terminal. All you need to make a manual charge is a card number, expiration date and amount to charge.

I suggest requiring cvv2, and declining avs of NNN at bare minimum.

Regarding avs, be sure to inform your customers that they must provide the billing address when ordering.

A short description of cvv2 and a self explanatory cvv2 image would be a good idea too.

Originally posted by Dan Grossman
Read over the options again because some of your questions are self-explanatory. As for manually entering transactions, AVS/CVV2/etc settings are ignored by the virtual terminal. All you need to make a manual charge is a card number, expiration date and amount to charge. Hi Dan,

I appreciate your help. I was actually more thinking about the recurring transactions, etc.

ie: Our software requires CVV to be entered the first time they enter their cc info.. (first charge), but then after that the software does NOT store the CVV2 number.

This is why I was a bit confused.. as obviously I would not want all recurring transactions to fail if I set Authnet to require it.

Thanks.