I received a bill that had an option to pay with a credit card on the back, my favorite part of it is the line that asks for:
SECURITY CODE FROM BACK OF CARD__________________________________________
PCI 3.3.2 - clearly states:
“Do not store the card validation value or code (three-digit or four-digit number printed on the front or back of a payment card) used to verify card-not-present transactions”
Perhaps I’ll write “Call if Security code is required” um… no – I think I’ll make an e-check – I’m now wondering what they do with these slips after they receive them per PCI 9.6
Don’t forget about receipts, remittences, or other paper items for PCI reviews. How many people would just go ahead and fill this out if they wanted to pay by credit card ?