I always find it interesting what companies require one and which ones dont. Doubt its just for BofA cards. Maybe with the Target breach and the Hotel Breaches AS added that feature to prevent fraudulent cards from being used for tickets because in the end they would be out the money if the thief wasnt caught and charged