3DS happens before CVV and expiry check. So it's designed that way. But real hackers know how to use time oof response average, to determine where it went wrong
What if I enter wrong cvv but enter correct OTP and transaction done successfully. Does bank will process the claim or refund because the CVV number is wrongly entered
What if I enter wrong cvv but enter correct OTP and transaction done successfully. Does bank will process the claim or refund because the CVV number is wrongly entered