Uh no. The credit card company doesn’t decide whether you need the CCV (security code). That is at the discretion of the merchant.
The scam is that by not verifying the billing information matches the credit card information a user can make hundreds of donations, each below $200, under made up names. This allows them to circumvent the limits on contributions and the laws against foreign donations.
However it is NOT illegal and does not require any action on the part of Zero’s campaign.
bump
Sorry, you’re correct about the CVV, but they could do both scams simultaneously, no? A superficial audit could be responded to with a set of unique legit card numbers as proof of legitimacy, while a software program is generating thousands of bogus contributions that never even hit the credit card companies (seems more likely than someone who wants to donate a $100,000 sitting there and making 500 contributions online). Of course a software program could also be set up to make the 500 legit donations.