Last updated Jan. 23, 2023 by Peter Jakes
In today’s digital world, if a customer doesn’t have a form of payment in hand, they can still make purchases. How? Purchasing without being physically present is called a card-not-present (CNP) transaction. The question remains, what really are Card-not-present Transactions (CNP) and how do you prevent CNP fraud?
What Exactly Is a Card-not-Present Transaction?
CNP transactions are those where neither the customer nor their credit card is physically present at the point of sale. A phone call, fax, internet or mail are usually the most typical ways to initiate a card-not-present transaction.
A criminal only needs the victim’s credit card number, name, three-digit security code (CVV), and expiration date to commit card-not-present fraud.
In the event that a card’s EMV chip is read, swiped, tapped, or dipped, this fraud occurs, though the card may not be present. Hence, after “What are Card-not-Present Transactions?”, the next is to know how CNP frauds happen and how to prevent them.
Examples of Card-not-Present Transactions
Every day, you’re likely to come into contact with a variety of CNP transactions. They are:
- Online purchases: Any time a customer makes a purchase via the internet or an e-commerce transaction.
- Phone orders: When a customer calls your business and gives you their credit card information over the phone.
- Recurring payments are automatically charged to your credit card each month.
- Online payments for invoices.
Processing Card-not-Present Transactions
Card-not-present transactions like we said do not require your physical credit cards but your card details. That’s why, if you don’t properly handle card-not-present transactions, your business and your clients will both be at risk.
When completing a CNP transaction, you must present customer and credit card information during the checkout process. They are:
- Billing address
- Shipping address
- Phone number
- Cardholder name (as it appears on the card)
- Credit card number
- Card expiration date (month and year)
- Card security code (CSC), a three- or four-digit code on the back of the card
Your payment processing system should make this process seamless and smooth. Ideally, payment processing is integrated with your point-of-sale (POS) system for quicker checkout and automatic inventory reconciliation.
Merchant Rates For CNP Transactions
Every time a customer uses their credit card, they have to pay a fee.
That cost is slightly higher for card-not-present purchases. Since you can’t verify the actual card or the cardholder in person, CNP transactions have a higher risk of fraud.
Assessment, interchange, and processing costs are all included in the total card transaction charge you pay.
The structure of transaction fees differs from one company to the next.
This includes various credit card companies and payment processors.
For card-not-present transactions, you may pay a greater percentage, a fixed cost, or both. To make your e-commerce activities safer, pay more attention to your phone orders and never drop your credit cards carelessly, where strangers can have access to them.
What is Card-not-Present Fraud?
Fraudsters who commit card-not-present (CNP) take advantage of a payment card that is not physically present at the time of the transaction.
These fraudsters gain access to the card’s magnetic strip, which contains the payment card number, three-digit security code, as well as the name and address of the cardholder. In cases like these, the merchants are usually unaware of fraudulent transactions. The card details must have been stolen unknowingly.
The cardholder’s signature cannot be verified, or extra identification requested because the merchant never handles the payment card. In most cases, the victim is ignorant of the scam until after the fraud has occurred.
Because the loss liability for fraudulent CNP transactions falls on the merchant rather than the cardholder, the payment processor will bill the merchant for the full amount of such fraudulent purchases.
Card-Not-Present Fraud Statistics
It is estimated that by 2021, card-not-present fraud (CNP) will account for 81% of all card fraud. Since the introduction of chip and PIN technology, card-present fraud has decreased significantly, though CNP fraud is still on the rise.
Related article: 12 Best Accounting Software for Business
Even more worrisome is the fact that fraudsters are finding it easier to get their hands on stolen credit card data.
Credit card numbers and e-retailer login credentials are becoming increasingly common targets of cyberattacks.
According to an industry survey, there was a whopping 153% spike in the number of stolen credit cards sold on the dark web just last year.
According to a Juniper Research analysis, retailers will lose 130 million dollars in CNP fraud by 2023.
How Is Your Credit Card Information Obtained for Card-not-present Fraud?
Card-not-present fraud is plagued by the fact that the majority of the victims are unaware of the fraudulent transactions that have occurred. For CNP fraud, they don’t require an actual credit card; instead, they just need the card number and expiration date. Card owners will have their physical card, but they will not recognize that they have lost money.
Criminals employ a variety of methods to obtain payment card information. Skimming, hacking, and phishing are the most prevalent methods of obtaining sensitive data.
Hacking occurs when computer systems are attacked to obtain financial information. It could come from a bank, a hotel, a merchant, or a service provider. The information is sold to other criminals, who use it to commit credit card fraud.
This is the process of skimming data from a physical card. Criminals will use card readers, particularly in public places like ATMs and POS machines.
This occurs when a fraudster attempts to obtain financial information from a customer by impersonating a reputable credit card firm. They will notify you through email that your account has been compromised and that they require your details to resolve the issue.
Scammers will send the card to a bogus website and take their login details. They can use the information to obtain new credit cards and start new bank accounts.
How to Prevent Card-Not-Present Fraud
To avoid being a victim of card-not-present fraud, Visa advises the following consumer tips:
- Share your usernames and passwords with no one.
- Use only internet browsers that send data securely. To determine whether a browser is safe, ensure that the site address starts with https:// and look for a closed-padlock sign in the browser.
- Review your monthly credit card statements thoroughly.
- Respond to unsolicited email requests for personal account information, even if the sender appears trustworthy.
- The payment information should not be sent through email.
What Steps Can Businesses Take to Counteract Card -not-Present Fraud?
Chargeback Gurus and Chargebacks911 recommend the following:
- Always request a card’s security code on e-commerce order forms.
- Use customer verification tools like Verified by Visa, Mastercard SecureCode, and American Express SafeKey.
- Use a service that checks the billing address of a cardholder.
- Pay particular attention to first-time clients, as fraudsters are constantly on the lookout for new victims.
- Be wary of orders that are larger than usual. Criminals using stolen card data usually attempt to make large purchases in a short period before the fraud is discovered.
- Be on the watch for large-ticket purchases that a thief might end up reselling.
- Keep an eye out for repeated attempts to insert a card’s expiration date. This could indicate that a crook is attempting to figure out the number.
- Trust your instincts. If something doesn’t feel right about a transaction, ask the purchaser for more information or call to confirm the purchase.
Card-Not-Present fraud is the most prevalent method of payment fraud today. We have answered the question “What are Card-not-Present Transactions”. Not just that, you should pay attention to the tips needed to prevent CNP fraud.
Card-not-present doesn’t have to be stressful or costly. Now that you know the types of CNP fraud that can happen, you can implement protection in the form of Payment Card Industry compliance, Address Verification Service authentication, and CSC validation.
Once you have these systems running, you can focus your attention elsewhere and rest assured your card-not-present transactions are taken care of.
CNP fraud is 81 percent more common than traditional card-present fraud, and the gap between the two is only likely to rise in the future.
According to a Juniper Research projection, in 2023 retailers will lose an astronomical 130 million US dollars CNP fraud in 2023.
Protecting your business from chargebacks and fines associated with CNP fraud can be expensive. Thankfully, third-party solutions can give you all the benefits of a custom, AAA-tier system for a fraction of the cost.