We are developing an integration that will be used by a PCI-compliant company in the hotel & reservation sector. They have a large number of card numbers on file, which the goal is to tokenize and eliminate the PCI-scope card data. From the Clover tokenization endpoint, CVV is required, but is not validated.
In production environment, my test transactions failed when the CVV was set as 000, and succeeded when the correct CVV was supplied during tokenization. The Clover merchant dashboard has some settings in Fraud Prevention related to CVV validation, where I have disabled all automatic void upon CVV failure, but that did not seem to have an effect as the card was declined.
Is there any way that eCommerce tokenization can work using existing card holder data, without having the CVV? Because of PCI restrictions, that number is not avaialble.