Every day, there are lots of new online shoppers making their first transactions: young people who have just gotten their first credit card, and older people who have never bought anything online before.

A 21 year old who just got their first credit card yesterday has not had two decades of experience with CVV codes.

Someone who has had their card for years but has never bought anything online before has not had two decades of experience with CVV codes (since they're never used for in-person transactions).

"Can't we just put a little lock icon next to the CVV on a card, and then put the same icon on the site."

A lock icon would be confusing, since a lock icon is already used to indicate a secure web site. And if someone has never used a credit card online before, they may not have noticed the lock icon on their card.

And good luck trying to get all credit card issuers to agree on a standard icon, when they can't even agree on the format and location of the CVV code. For example, on an Amex card, the CVV code is 4 digits, and is on the front of the card.

I suppose what I'm really asking here is this:

When you ask someone to enter their credit card number on a checkout page, that number is so glaringly obvious that it doesn't necessitate explanation. Everyone seems to know that it is the 16-digit number on the front of your card. You don't need to explain to people via text and diagrams that it is such.

So why isn't the CVV also self-explanatory? How could we make it so? If things like the card number or expiration date don't require documentation, why are cards not designed to make the CVV easily understandable?

Put these numbers on the back of the card, and I think they'd be fairly hard to find for first time buyers. So, to answer your question, maybe the solution is to bring the CVV to the front of the card? ...or does that defeat the purpose?

Having it on the back prevents getting both cc number and cvv off single picture.. so I guess that's something.

My AmEx cards have a 3 digit CVV seeming number on the back in addition to the four digit one on the front.

Not 2 months ago I had to point it out to my friend because she had accidentally written her signature across it, making it nearly invisible.

You want to get paid? Then you explain everything to the customer about how to pay you online because this is not like a sale in meatspace where the cashier can naturally catch customer mistakes and prompt them.

People may not know what a CVV is. Or they might be tired, sick, distracted, etc.

I have six years of college. I was one of the top students in my entire state in highschool. I also am medically handicapped, getting older and newly back in housing after nearly 6 years of homelessness. I often need seemingly "dumb shit" explained to me.

Why do we need to explain this to you? Do you not already know everything?

(That is not intended as a dig at you. More like "food for thought.")

(Edits made. Reason: I fucking hate autocorrect. Ugh.)

Presumably, if someone were to hijack your form, they would be getting the CC number and the CVV. If you lost your card, they would have the CVV. To me it seems like just adding another 3 digits to your card number.

Also, if one has the CC number wouldn't it be feasible to brute force the CVV. There are only 999 permutations. You would have a .1% success rate.

Plus the fb/google authentication buttons with the same logic twice.

Imo it’s just because “everybody else/the bigs are doing so”, and nobody cares to test a different thing.

Note that this isn’t trivial as it seems, as you may have the fb/google buttons, but the bigs don’t.

You don't want to lose a sale because one of your customers is one of the ten thousand hearing about CVVs for the first time.