I just renewed a domain at 123-reg.co.uk, and all I had to do was enter my card number and expiry date. It didn't even ask for the 3 digit code on the back, or the VISA online security PIN. It marked the payment as approved and authorized, and I got a confirmed payment invoice.

What's going on here? I always thought you needed at least the 3 digit code to make a payment. Whats the point of all this security, if you can simply just stroll past it? or am I missing something....

The merchant will probably be charged a higher percentage for not requesting this information, but it will still be processed.

The merchant will probably be charged a higher percentage for not requesting this information, but it will still be processed.
Dayum, doesn't it negate the whole security concept then, if all a fraudster has to do is pay a higher fee on money that wasn't theirs in the first place. Makes no sense at all.

Dayum, doesn't it negate the whole security concept then, if all a fraudster has to do is pay a higher fee on money that wasn't theirs in the first place. Makes no sense at all.
Yes, and that is why they will most likely be paying higher fees to process the transaction and they will have even less charge back defense rights than they already have.

godaddy same, never ask 3 digit security code :D

I've noticed that too... asking for a CVV is not 100% universal yet. That doesn't mean that as an online merchant you should expect to be able to process without one... acquiring banks and processing gateways will require it to protect themselves. Some of the highrisk processors will only do 3D Secure transactions even.