Incorrect CVC
What This Means
The card verification code (CVC/CVV) provided does not match what the issuing bank has on file. This typically occurs during initial card entry rather than recurring charges, since CVC is not stored for subscriptions. For SaaS businesses, this usually means a customer mistyped their security code at checkout.
Retrying will likely fail again. The customer needs to update their payment method or contact their bank.
Common Causes
- 1Customer mistyped the 3 or 4 digit security code on the back (or front for Amex) of their card
- 2Customer entered the CVC from a different card than the card number provided
- 3Card was recently reissued with a new CVC but the customer is using the old value
Recovery Tactics
- 1Display a clear error message asking the customer to double-check the CVC on their physical card
- 2Add a visual indicator showing where the CVC is located on common card types
- 3Allow the customer to re-enter their full card details if the CVC continues to fail
How healthy is your Stripe account?
Get a free churn health report. Find pending cancellations, failed payments, and expiring cards putting your MRR at risk.
Run Free AuditRelated Decline Codes
FAQ
Is an incorrect CVC decline a sign of fraud?
Not necessarily. Most incorrect CVC declines are honest mistakes by legitimate customers. However, repeated CVC failures on the same card number could indicate a fraudster testing stolen card numbers, so monitor for patterns.
Does Stripe store the CVC for recurring charges?
No. PCI compliance rules prohibit storing the CVC after the initial authorization. Recurring subscription charges do not require the CVC, so this decline code only appears during initial card entry or when a customer updates their payment method.
How healthy is your Stripe account?
Get a free churn health report. Find pending cancellations, failed payments, and expiring cards putting your MRR at risk.
Run Free Audit