Dynamic CVV involves replacement of the static CVV or CSC (Card Security Code) at the back of the payment card with a randomly generated number at time intervals, which, in some solutions, can be modified by customers. This eliminates the risk of any static CVV information to be stored or compromised and greatly reduces the risk of CNP (Card Not Present) fraud by also offering the ability to include such dynamic data in the authorisation message sent to issuers.
These codes are requested by customers when initiating a payment transaction through logging into a mobile app, which are then sent to them via SMS or email that expires following the completion of the given transaction (or at the time interval pre-defined by the customer). The code appears at the back of the card on a small, ePaper screen by using eInk. Issuers such as Visa and Mastercard have created algorithms for dynamic CVV generation, with which leading manufacturers comply.
Although dynamic CVV will not eliminate CNP fraud, it can alleviate security concerns around credit card utilisation, specifically when eCommerce transactions are considered.
I personally like the mono bank implementation that lets users choose between static, dynamic CVC2 (changes once per hour, CVC2 code printed on the card is invalid as long as this setting is on); and your own CVC2 set by user (code printed on the plastic card is not valid as long as this setting is on) directly in the app.
Surprised that no bank in Canada seems to offers that.
