- 1 Member.
- 20 Guests.
(Updated) Steam will remember your security code!
UPDATE!
Crossed words in this article are supposed to be treated as false, please ignore them!
Read more about this here in an updated article!
Watch out for this option when you’re purchasing games on Steam:
If you have selected this option Steam will remember your security code you provided earlier – I did not agree to remember this code – and right after you “Buy” a game by clicking the proper button you won’t be prompted if you want to use PayPal, VISA (or any other payment method) and you will buy any game instantly. Best way to check this is to buy any random DLC for a game you don’t own and you will see that it will try to purchase the game automatically.
We encourage you to send a support ticket to Valve to make this optional to remember the security code. You can use this pre-made e-mail message:
Hello!
I am concerned that Steam Store saved my credit card’s security code on an external server after I selected “Save my payment information so checkout is easy next time”. In the past this option only saved my name, address, phone number and still asked me about credit card number, security code and it’s validity.
Also by selecting this option Steam Store prevented me from chosing other payment methods than VISA.
Please make this optional and do not save my credentials next time (but save my name, address etc – just like it was before).
Thank you for your help,
XXX
Update #1:
Sure you can remove your details from My Account section in the store but that is not the point. Steam shouldn’t remember expiration date, security code and the card number itself.
Update #2:
Thanks to our friend ld13 we managed to find interesting information from VISA’s website:
Avoid CVV2 Storage. All merchants are prohibited from storing CVV2 data. When asking a cardholder for CVV2, merchants must not document this information on any kind of paper order form or store it on any database.
Source: http://usa.visa.com/download/merchants/rules_for_visa_merchants.pdf (Page 12)
CVV2 storage. The Visa U.S.A. Inc. Operating Regulations prohibit merchants and/or their agents from storing the Card Verification Value 2 data (security code printed within or immediately to the right of the signature panel) after transaction authorization.
Source: http://usa.visa.com/download/merchants/rules_for_visa_merchants.pdf (Page 60)
Card Verification Value 2 (CVV2)
A Visa fraud prevention system used in card-not-present transactions to ensure that the card is valid. The CVV2 is the three-digit value that is printed on the back of all Visa cards. Card-not-present merchants ask the customer for the CVV2 and submit it as part of their authorization request. For information security purposes, merchants are prohibited from storing CVV2 data.
Source: http://usa.visa.com/download/merchants/rules_for_visa_merchants.pdf (Page 130)
21 Responses to (Updated) Steam will remember your security code!
Latest on Tue, 06:43 pm
: Midweek Madness Skyrim 33% off http://cdn.store.steampowered.com/message/1028181507618443955/
: fallout 3 goty just received a price drop to 20€; also fo:nv ultimate edition (includes all dlc and preorder bonuses) just released
: 
: http://forums.steampowered.com/forums/showthread.php?t=2521400
: http://login.ign.com/prime/promos/rochard/?display=notAuth
: new indie gala bundle later this week at www.indiegala.com/
: money money money
: can anyone explain what's the friggin' deal with Age of Empires III, a 5 years old game being sold as new @40$/€ on almost every DD platform?
: Facebook is archiving the old Facebook group of ours, here's new one https://www.facebook.com/pages/SteamUnpoweredeu/260963810615450?v=wall
: 
: Checkout Crytek's GFACE, a new social platform for gaming http://www.gface.com/closed-beta
: 
: http://www.youtube.com/watch?v=_Jnk8n3WrXU
: new humble bundle live
: http://www.youtube.com/watch?v=UMWW92UhpZs&feature=player_embedded
: 
: http://www.tumblr.com/photo/1280/epic4chan/15893009078/1/tumblr_lxkmq8V94p1r9t8yb
: http://www.avaaz.org/en/eu_save_the_internet/?tta
: http://www.reddit.com/r/Android/comments/oxzje/official_steam_app_for_android_and_ios/c3l34d2
: there's still hope, first ratification of ACTA in polish parliament and even if it passes european parliament has to vote on it then
: yep, another protest today in Warsaw, and next one during National Stadium opening on Sunday
: So PL actually did sign ACTA? :( Is it right that those guy said sth like "i'll not be extorted by those inhabitants"? o.O
: the next indie royale bundle is live (serious sam indie bundle)
: 
Loading ...
First 1€ ≠ 1$ and now they collecting our credit cards details…
For people who don’t understand:
Save my payment information so checkout is easy next time – shouldn’t save your SECURITY CODE for your credit card.
lol,
Whats wrong with that? That is not new and if you would like to use other payment method or other credit card you can do that by click an edit before the last step in every payment.
I happy, because i don`t need to write again and again my card information, just next next next and i purchased my game ))
Or you are worrying that steam will stole your credit card? XDDD
You are funny, really ))
Imagine this, you go into the grocery store, buy some bread and orange juice. You go to the checkout and pay with your card.
The next day you do the same except they:
- won’t allow you to pay with cash
- will remember your pin number
Question: Would you like that?
Well you got the point here.
I personally like that one click buy.
And btw, correct me, if I am wrong, but as I remember, the VISA payment system was changed. It didn’t ask for that security code, it asked only for your name.
So I think that this could be reason of “saving payment information” – they simply doesn’t save that security code, they don’t need it anymore.
@kipa – That is the thing, it does not allow you to change the payment anymore. I just tried it with a DLC and it tried charging my card instantly after I selected “buy for myself”. That is not nice. A merchant must at least require the CVV number before charging as they are not allowed to ‘know’ that beforehand. The CVV number is the proof that you do have the card in your hand.
@slay – OneClickBuy is dangerous if not set up with the full consent of the user thereof. I wonder how Amazon.com gets around the CVV storage regulations . . .
oh shit, i tried that with DLC from game i donˇt own, as you said, and really that is instantly O.o
wtf?
@ld13
wth? I can write my whole number (inkl. CVV) out of my memory. Card on my hand? Come on. Wake up ..
Question sent
@Spooky Thank you for reminding me to wake up. Just had a nice cuppo java so I should be fairly awake at this stage. I still do not get what your problem is though. I know my card info off by heart as well. In fact I removed the CVV number from my card to protect myself against card theft. I’m just trying to explain the reason why the CVV is there in the first place. I did not like make it up or anything. In fact, let met quote directly from Visa: “[the CVV2 code] is a three-digit number imprinted on the signature panel of Visa cards to help card-not-present merchants verify that the customer has a legitimate card in hand at the time of the order” – That is why they are so strict about NOT storing CVV info.
Ergo Steam is not in violation of any Visa merchant regulations. I just verified this with Visa too. The CVV is there for the merchant and does not get used in normal transactions at all once the merchant trusts the card/user.
Only fool would check that box.
PS: D2D ir gamers gate have same option
D2D remembers Credit card number, but they will ask for security number during checkout.
My question is – once and for all, to make this clear (because I pay via PayPal, so I don’t know this):
Does Steam remember also security number?
I asked once on Steam forums and reply (by some user, not mod or guy from Valve) was: Steam will ask for security code.
“Does Steam remember also security number?”
Yes.
“Does Steam remember also security number?”
No. It does not need to remember it after your first transaction!
The CVV acts as a mechanism against fraud for the Merchant/Steam. If the CVV matches the first time you buy with that card they know you got the card “in hand” as such. They would then eg. flag you/the card as trusted and allow you to buy against that card for your next purchase…if you selected that option. They would thus not need to re-verify the card using the CVV on your next purchase.
Paypal works on the same principle. They verify your CVV initially and flag your card as “verified/confirmed” or whatever term they want to use and stores your CC number for the next time you want to use it. PayPal just takes it a step further by asking for a special code directly from your card’s statement – something that only the Original Card Holder should have access to. This is much safer as anyone can steal your card info and use it online but not everyone can access your bank statements.
The problem I have is with this InstaBuy ‘function’ that someone at Steam thought would be an awesome feature. Steam needs to return to the previous way the system worked. The ‘store CC info’ box can stay but they should ask the user to re-enter the CVV like I heard D2D does on each purchase imo. Otherwise they might also think of implementing Verified by Visa – Not sure if they have that yet though.
So Steam promoted itself on PayPal level.
If I let my imagination go further: when someone steal your account and you had your CC informations saved then VAC ban is the smallest thing you have to fear about. You can find your account full of games you didn’t bought and bank account sucked to bottom and dry as Sahara desert – especially with those prices on Steam :) I wonder how will you proof that you didn’t buy those games and of course if you block the payments before money was send you will be considered as fraudulent user.
Got answer from support with the pre-made question now:
—
Hello,
A staff member has replied to your question:
Hello Robert, Thank you for contacting Steam Support. To remove your credit card details from your Steam account:
- Log in to your Steam account and click on the “Store” Tab. – In the upper right hand corner, click on the “your account” link. – Under “Payment method” you will see your card type and the last 4 digits of the card that was saved.
Click the “Delete” link, to remove this information from your Steam account.
NOTE: If you do not see a “Payment method” section above “Licenses and subscriptions”, this means that your credit card information is not stored.
The next time you complete a purchase, you will need to enter your credit card information. If you do not want your credit card information saved, uncheck the box that says “Save my payment information so checkout is easy next time ”. Please let us know if you have any questions, or if you encounter any further difficulty.
–
Pingback: (Updated) Steam will remember your security code! - Steam Unpowered Card on me
Pingback: (Updated) Steam will remember your security code! - Steam Unpowered Money just to Me
Pingback: (Updated) Steam will remember your security code! - Steam Unpowered Afordable by about
Pingback: (Updated) Steam will remember your security code! - Steam Unpowered Anti Spam
Pingback: (Updated) Steam will remember your security code! - Steam Unpowered Vioxx Me