Online & Telephone Transactions

Building Confidence In Online Transactions

Each year, airlines, Internet and catalog merchants, and telemarketers conduct $200 billion in business through "card-not-present" transactions with customers they never see. The Internet, in particular, offers new opportunities for retailers to sell goods and services. But electronic commerce also brings new kinds of payment card fraud.

MasterCard card verification and security programs enable cardholders to feel more confident about conducting online, mail order, and telephone transactions. We've provided the following important steps for helping to keep these kinds of transactions secure.


Fraud is a particular concern for mail order, telephone order, and Internet businesses, since transactions are card-not-present. Businesses can minimize the occurrence of fraudulent transactions through a number of safeguards.

  • Prior to shipping merchandise, call the phone number the customer provided and verify the transaction information. Often, fraudsters are unable to verify the information they originally provided, since they order at random and do not keep a record of what they requested.
  • Be sensitive to priority shipments for fraud-prone merchandise, which may indicate a fraudulent transaction.
  • Be wary of orders from past customers that differ from their usual purchasing patterns.


To address the unique concerns of direct marketers, MasterCard recommends using the Address Verification Service (AVS) and Card Validation Code 2 (CVC 2). These highly effective cardholder verification programs can make transactions safer and more profitable.

Address Verification Service (AVS)

The Address Verification Service (AVS) helps reduce the risk of fraudulent use of account numbers in card-not-present transactions. When a customer provides an address with an order, AVS automatically compares it to the billing address on file with the card issuer. This risk reduction measure is especially helpful to merchants conducting business on the Internet. If the billing address and the card address on file do not match, you will receive a response code indicating this during transaction processing. You can then choose to either deny or proceed with the transaction.

Card Validation Code 2 (CVC 2)

The Card Validation Code 2 (CVC 2) is a three-digit code indent printed on the signature panel of MasterCard cards. This added security measure enables a retailer to verify that the buyer has the actual card in hand during a card-not-present transaction. MasterCard strongly recommends that businesses ask each consumer for the Card Validation Code when conducting a transaction on the Internet or by phone. Like mag-stripe data, merchants should never store CVC 2 codes.

For more information about AVS and CVC 2, please contact your bank or Payment Services Provider.


MasterCard SecureCode makes online shopping more secure for retailers and their customers by providing cardholders with a unique personal code for their transactions. In addition to helping prevent chargebacks and fraud, MasterCard SecureCode can give customers greater peace of mind and allow electronic retailers to ship orders with confidence. It's a simple, cost-effective way to encourage e-commerce while reducing risk.

Learn More About MasterCard SecureCode


You can help protect your business and your customers against hackers and other security challenges by becoming PCI compliant. The MasterCard Site Data Protection program provides the requirements, guidelines, and tools that improve your security posture by identifying vulnerabilities in your systems and helping you understand how to greatly reduce the risk of having your customers' data compromised.

Payment Card Industry Data Security Standards and Site Data Protection Program


A large percentage of consumers have indicated that SecureCode would increase their likelihood of buying more online.


Get more engaged with MasterCard acceptance and the innovative thinking that's behind our products and services.