Card-Not-Present Fraud: How To Protect Your Information
Credit card scams are on the rise. In fact, the National Association of Federally-Insured Credit Unions reports that over half of Americans have already been victims of digital payment fraud as of 2022.
One common type of credit card scam is known as card-not-present fraud, also called CNP fraud. Since it usually occurs via online transactions or payments conducted by phone, it can be difficult to detect. One study estimated that by 2024, CNP fraud will represent 74% of all fraud, making it a major problem for businesses and consumers now and in the future.
Read on to learn more about this type of fraud and how businesses and individuals can protect themselves.
Is Card-Not-Present a Type of Card Fraud?
Card-not-present fraud is a type of credit card fraud in which criminals obtain credit card information, but don’t hold the physical card during a transaction. As a result, CNP fraud is often used by criminals to make purchases via the following methods:
- Online payments
- Mobile payments
- Payments over the phone
What Does It Mean When a Card Is Not Present for a Transaction?
Card-not-present simply means that the physical card was not required when making a transaction. This is usually the case when transactions are conducted via non-face-to-face methods, like shopping online. In these scenarios, the merchant is unable to examine the physical card and determine whether the buyer is the legitimate cardholder.
How Does Card-Not-Present Fraud Work?
Card-not-present fraud happens when a criminal uses a cardholder’s information to make purchases without their consent. Information required for CNP fraud includes:
- Cardholder name
- Billing address
- Account number
- Three-digit CVV security code
- Card expiration date
Once these details are obtained, the criminal uses the information to make purchases online or over the phone.
How Can Someone Use Your Card Without Having It?
Your card details can be stolen electronically, which makes CNP fraud difficult to prevent. The criminals do not need to obtain the physical card, because much of this information is stored online.
There are multiple ways that people can illegally obtain credit card data. These methods include:
- Online phishing or phone scams
- Credit card skimming devices
- Theft of information by dishonest employees
- Bank or credit card company database hacks
- Online merchant database hacks
The most common methods of obtaining a cardholder’s information are through online phishing or hacking operations. However, credit card data can also be obtained physically, so it’s important to protect the card on your person as well as be aware of potential scams.
How Do You Detect Card-Not-Present Fraud?
There are a few methods used by credit card companies in an effort to detect CNP fraud.
Credit card companies can analyze a cardholder’s typical card usage to determine whether a particular transaction is likely to be fraudulent. For example, if a cardholder has only used their card for everyday purchases like groceries and gas, an online purchase of an expensive TV might flag as potential fraud.
Address Verification Service
Another detection method involves using address verification service, or AVS, which cross-checks the cardholder’s registered address with the address submitted during an online transaction.
This method is commonly used by major credit card issuers like Visa, MasterCard, American Express and Discover. However, the address verification method cannot stop CNP fraud if the criminal also possesses the correct address of the cardholder.
Another detection and prevention technique is using biometric technology like fingerprint, face or voice recognition to confirm a cardholder’s identity. In addition, some merchants may use device fingerprinting software, which analyses a buyer’s IP address, browser information, time zone and other information to spot potential criminal activity.
Who Is Responsible For Card-Not-Present Fraud?
Card-not-present fraud typically results in a loss for the merchant, unlike card-present fraud, where the credit card issuer bears the loss.
This can have a significant impact on the merchant’s profitability. A 2018 Federal Reserve study found that CNP fraud resulted in a $4.57 billion loss for e-commerce companies.
The cardholder is not held liable for any fraudulent charges, assuming that the fraudulent transaction has been either detected by the card company or successfully disputed by the cardholder.
This means individuals should keep a close eye on their transaction history and report any suspicious activity right away.
Now that online shopping and digital payments are everywhere, it can be difficult to prevent scams like card-not-present fraud. CNP fraud is a threat to merchants’ bottom line and individuals who want to protect their private data.
However, there are several ways to protect against this type of fraud. For starters, merchants can implement multiple authentication systems or use biometrics for identification. Individuals can also stay vigilant of CNP fraud by monitoring their credit card statements for any suspicious transactions.
Our in-house research team and on-site financial experts work together to create content that’s accurate, impartial, and up to date. We fact-check every single statistic, quote and fact using trusted primary resources to make sure the information we provide is correct. You can learn more about GOBankingRates’ processes and standards in our editorial policy.
- National Association of Federally-Insured Credit Unions. 2022. "Card Not Present Fraud is Skyrocketing."
- Insider Intelligence. 2022. "US Card Payment Fraud Losses Forecast 2022."
- Merchant Fraud Journal. 2022. "Address Verification Service (AVS) Check."
- TransUnion. 2020. "What is Card Not Present Fraud (CNP Fraud) Statistics."