Query regarding PayZapp 'Add Card' functionality

47°
Deal Lieutenant
10
6201
258

In payzapp we can add our credit cards so that it will be linked and can use these cards for making payments hastle free.

However i do have a query on this functionality.
When we add a credit card to payzapp we never enter the CVV number of the card.
Now while during a transaction if we select this card and click o continue, the bank website is displayed were OTP needs to be entered.
Where is CVV validation happening?
Is it possible in a card payment system to accept a payment without CVV?
What kind of implementation is this?
Does anyone have any idea?
rolleyes

6 Comments  |  
4 Dimers
  • Sort By
10
6201
258
JaiKrish1031 wrote:


https://cdn0.desidime.com/attachments/photos/638770/medium/IMG_20200923_230412.jpg?1600882524

wow..didnt knew this..
will do some digging..
infact so CVV is not needed then.. flushed

144
786
5

For a card transaction, only the card number is a “true” requirement, the expiry date is the “actual” validation that’s done by all banks, the CVV is a validation that’s meant only for payment gateways, and finally the OTP is something that RBI has imposed and hence only valid for domestic transaction.
Now coming back to your question, HDFC in PayZapp acts both like the bank and the payment gateway, so it has the liberty to skip CVV validation, and since it has a damn good security based on this elegant device token system, it does so !

10
6201
258
BlueFlash wrote:

For a card transaction, only the card number is a “true” requirement, the expiry date is the “actual” validation that’s done by all banks, the CVV is a validation that’s meant only for payment gateways, and finally the OTP is something that RBI has imposed and hence only valid for domestic transaction.
Now coming back to your question, HDFC in PayZapp acts both like the bank and the payment gateway, so it has the liberty to skip CVV validation, and since it has a damn good security based on this elegant device token system, it does so !

True. Thanks dude for the insights..

32
2198
20
BlueFlash wrote:

For a card transaction, only the card number is a “true” requirement, the expiry date is the “actual” validation that’s done by all banks, the CVV is a validation that’s meant only for payment gateways, and finally the OTP is something that RBI has imposed and hence only valid for domestic transaction.
Now coming back to your question, HDFC in PayZapp acts both like the bank and the payment gateway, so it has the liberty to skip CVV validation, and since it has a damn good security based on this elegant device token system, it does so !

That’s something new to learn.

Missing