Introduction
Before debit and credit cards were used the way they are being used today, people expressed the need to perform transactions without having to visit a particular place and stand in line.
The introduction of credit and debit cards inspired financial institutions to develop a way to shop from any location at any time. The result is card-not-present transactions.
This article explains what a card-not-present transaction is, how it works, and how it relates to online payment security and chargebacks.
What Is Card-Not-Present Transaction?
A card-not-present (CNP) transaction is any transaction in which card authorization is performed without the physical presence of the payment card or the cardholder. For example, all payments processed online are card-not-present transactions.
In card-present transactions, card authorization is done by dipping, swiping, or tapping a card to the point-of-sale device. In card-not-present transactions, card authorization takes place after the cardholder presents the information required to complete the transaction. Such information includes:
- First and last name of the cardholder
- Card number
- CVV or CVC
- Expiry date
- Billing address
Card-Not-Present Transaction Examples
The most common types of card-not-present transactions are:
- Online orders
- Phone orders
- Automatic recurring payments
- Online invoice payments
- Mail or fax orders
- Card-on-file transactions
- Buy online, pick up in-store (BOPIS)
Card-Not-Present Fraud
The main risk with CNP transactions is the inability to truly verify the identity of the person using the card. Without the implementation of strong customer authentication and the best payment security and fraud prevention practices, CNP transactions are susceptible to card-not-present fraud and chargebacks.
Card-not-present fraud includes three types of fraud:
- Payment fraud. Occurs when a person gains access to someone’s card information illegally (by stealing it or buying it on the dark web). The fraudster uses the data to make unauthorized online purchases.
- Account takeover fraud. Occurs when an attacker gains access to a user account containing saved payment information. This kind of fraud remains undetected for a long time as attackers typically maintain regular usage patterns.
- Friendly fraud. Requesting a chargeback for a CNP transaction without a valid reason is considered friendly fraud. This kind of fraud causes losses in both profits and merchandise, potentially devastating a business. The problem is widespread, giving rise to companies specializing in chargeback protection solutions. The best protection against friendly fraud is to implement sound fraud prevention practices.
Card-not-present fraud is a critical concern because it makes up around 75% of total card fraud. Educating customers and business owners about the types of CNP fraud, including how to recognize and prevent them, protects all participating parties and makes online payment processing work.
Note: According to LexisNexis, $1 of CNP fraud costs a merchant $3.60.
How to Prevent CNP Fraud
The risk that comes with CNP transactions does not mean that businesses should stop offering this type of transaction to customers. CNP fraud, as well as many other types of fraud, can be prevented by:
- Partnering with a reliable payment processor.
Note: Learn how to choose the right payment processor for your online business by reading our article What Is a Payment Processor? Everything a Business Owner Needs to Know.
- Implementing multilayered fraud prevention systems and regulations, such as Strong Customer Authentication (SCA), 3D Secure (3DS), and the Revised Payment Services Directive (PSD2).
- Ensuring PCI compliance.
Note: Use our PCI Compliance Checklist for Merchants to test whether your online business is PCI Compliant.
- Using an address verification service (AVS).
- Requesting CVV or CVC during checkout.
- Implementing HTTPS.
- Refusing to ship to PO boxes and vague or partial addresses.
- Performing regular security audits.
Card-Not-Present Chargebacks
A chargeback is when a bank reverses a transaction upon a cardholder’s request. Cardholders ask for chargebacks for a variety of reasons, such as when they receive a faulty product, their order never arrives, or the merchant refuses to refund the customer.
Chargeback rates are higher for card-not-present transactions due to several reasons:
- Honest friendly fraud occurs more often (i.e., kids taking their parents’ payment cards to make in-app purchases).
- Customers may forget about a subscription and ask for a chargeback.
- Customers may entirely skip the refund process and ask for a chargeback right away.
- It is difficult to estimate whether a digital product the customer purchased isn’t as advertised. If a refund is not approved, the customer will ask for a chargeback.
How to Accept CNP Transactions
The most popular ways for merchants to accept CNP transactions are via:
- Ecommerce shopping carts. Ecommerce carts require customers to select products and complete the checkout form.
Note: CCBill integration partners include the most popular shopping carts. Integrate your shopping cart platform with CCBill’s payment processing system today!
- Online invoices. An online invoice notifies the customer of their debt and requests settlement. The customer then settles the debt quickly and efficiently by allowing the software to draw funds from their account.
- Virtual terminals. Virtual terminals are web-based applications that transform any device into a POS terminal, allowing merchants to request payments from customers by entering card details.
- Payment APIs. Payment APIs connect a business’s payment solution to another payment system. A common example is connecting the checkout page to a third-party payment processor.
Note: CCBill’s Payment API provides ecommerce and subscription businesses with a robust billing solution.
CNP Transaction Processing Costs
CNP transaction processing costs are typically higher than those for card-present transactions because of the high risk of chargeback and fraud.
When processing card-not-present transactions, most financial institutions charge a fixed fee, to which they add a certain percentage of the transaction. The exact amount depends on the individual transactions and the payment processor.
Conclusion
You now know what card-not-present transactions are and how they work.
Online payments and card-not-present transactions are here to stay. They are a convenient and fast way to purchase goods from the comfort of one’s home. With all the latest fraud detection systems and regulations, such as PSD2 and 3DS, online payments have become much safer too.