Visa and MasterCard required all entities who accept credit card payments online to comply with the new Payment Card Industry (PCI) Data Security standard by June 30, 2005. Part of the PCI compliance standard states that CVV information can not be stored in any form.
Therefore, you may only ask for the CVV if you are using an online Payment Gateway, and are authorizing at the time the order is placed. In this instance the CVV will be used for authorization, but will not be stored. Options related to Authorizations are found at Settings/Compatible Software/Payment Gateways/Authorization Preferences in the Order Management System. For a list of recommended online merchant account providers, please visit this page:
After an order is placed, you may manually enter CVVs, if available, when processing transactions in the Credit Card Terminal, available from the bottom the Order Detail screen.