Preventing Card Not Present Fraud

For merchants and business owners, payment processing services aren’t just a convenience; they’re a necessity. Yet each year, thousands of successful businesses are denied basic merchant account services because their industry is considered high-risk by banks and financial institutions. There are many reasons industries are given this high-risk designation — and one of the prime reasons is “card not present fraud.” But what is card not present fraud?

If you’re a business owner, you’ll need to know exactly how this type of fraud works and how you can prevent it. One of the best ways you can protect yourself is by using the services of a top-notch merchant account service provider. As a leading payment processing service for high-risk industries, Zenti provides a full roster of payment options for high-risk businesses, plus financial management strategies that can help protect you against high chargeback rates and card, not present fraud.

What Is Card Not Present Fraud?

“Card, not present” (CNP) transactions occur when a customer uses a card remotely and doesn’t physically present the card to the merchant. Typically, CNP transactions occur during purchases made online, over the phone, or in any other scenario where a credit card number is used without the card.

Common CNP transactions include:

• Online purchases

• Phone purchases

• Subscription payments

• Transportation or hotel reservations

• Billing payments

• Sports/entertainment tickets

Since the credit card in these transactions isn’t physically present, it can’t be swiped, and the EMV chip can’t be inserted. Instead, the payment is processed electronically or when the merchant or customer manually types in the credit card number.

CNP purchases are a part of our daily lives. And in our internet economy, it makes savvy business sense for companies to have an e-commerce presence or online purchasing options available to their customers whenever possible. But if CNP purchases are so common, why are they so risky?

Risks of card not present transactions

Payment processors, credit card companies, banks, and financial institutions consider card, not present transactions substantially riskier than “card present” transactions, in which a card is physically used, examined, and swiped. And according to the numbers, these fears are valid. Recent statistics show that a staggering 45 percent of US credit card fraud cases involve CNP transactions, making it one of the primary methods of credit card scamming. Likewise, analysts predict CNP fraud will cost global businesses more than 130 billion USD by 2023.

Why are the risks so high? It has to do with physical verification. Without it, a merchant can’t examine the credit card for possible red flags such as

• Suspicious or doctored account number

• Different cardholder name

• Suspicious or forged signatures

• Missing holograms or faked identification marks

Essentially, card not present fraud occurs when a scammer takes advantage of the remote purchasing conditions and uses fraudulent or stolen credit card information to make a purchase or payment. Without equipment or a physical examination to verify the card, merchants have to simply take the payment information on trust when it’s given online or over the phone.

CNP transactions are a necessary part of daily business for many merchants and vendors — it would be impossible to operate without them. This is especially true for e-commerce retailers, travel companies, and subscription services. However, because of this risk factor, businesses taking CNP payments are often designated high-risk and charged higher fees from payment processors. But this is where Zenti can help. Zenti provides a full line of payment processing services for high-risk industries — at reasonable fees that businesses can afford.

CNP practices that can lead to fraud

How does CNP fraud happen? Here are some common scenarios and practices that can lead to fraudulent CNP transactions:

Incomplete, inaccurate, or invalid information

Merchants should record all relevant customer information in card, not present transactions, including addresses, emails, and phone numbers. Likewise, in online transactions, purchasers always fill this information out before making a purchase. But according to a 2018 report from American Express, 61 percent of merchants will accept a transaction even when a customer doesn’t provide a verified billing address. In particular, phone transactions can be especially risky since an employee might be in a hurry and neglect to take information vital to establishing the customer’s credibility.

Employee fraud

These numbers may surprise you. According to recent statistics, 75 percent of employees admit to having stolen from their companies at least once. Likewise, around 50 million USD is stolen from US businesses each year by employees.

With CNP transactions, malicious employees have plenty of opportunities to defraud their companies. In one scenario, an employee can be an accomplice to a customer’s scam by intentionally “forgetting” to take the proper address, contact info, or CVV. In another scenario, an employee could defraud customers by stealing credit card information, which is especially easy to do if they’re recording it manually.

CNP and phishing

Phishing is the type of credit card fraud most commonly associated with CNP fraud. In CNP phishing scams, fraudsters hijack legitimate e-commerce sites, clone them, and send emails and text messages that “sell” fake merchandise from these cloned sites. Unsuspecting customers can easily fall for this if the website looks legitimate, and these scams can result in loss of profit as well as credibility for the real owner of the site. These scams are especially popular now because of the prevalence of sales via text messaging.

To prevent phishing scams, it’s important to implement top-tier security software on your e-commerce site and monitor it regularly for any sign of suspicious activity. If you see a phishing site trying to replicate your website or products, report it immediately to law enforcement authorities.

Warning signs for CNP fraud

These red flags may indicate someone is up to no good:

Very small transactions

These can be used to test a fake or stolen card.

First-time buyers

It’s always a good idea to monitor new customers who have never bought from your company before, as you don’t know what their intentions might be.

Large transactions

Small transactions can be a red flag, so can very large purchases. Consider this: Once a credit card is stolen, the criminal will want to charge as much as possible in a very short time before the theft is reported and the card is canceled.

Multiple logins on your e-commerce website

We occasionally forget our passwords, but after a couple of tries, most of us give in and hit the “forgotten password” button. A criminal, however, will keep trying, and this could be an indicator of suspicious activity.

Inconsistent contact information

If a customer presents you with suspicious-sounding email addresses, incomplete billing addresses, or mismatched phone numbers/area codes, beware of putting that transaction through without some credible verifications.

Multiple transactions within a short timeframe

If a card is stolen, fraudsters will load it up as quickly as possible before it’s reported. Many purchases, especially from a new customer, may indicate something is amiss.

Tips for preventing CNP fraud

As prevalent and sophisticated as CNP fraud can be, the good news is that it can also be preventable, provided you take the right steps in being proactive for your business. Here’s a look at what you can do to prevent fraudulent transactions:

Use multifactor authentication

“Multifactor authentication” is a fancy term for multiple steps to verify a buyer’s identity. These steps include requesting a verified address and full contact information (including an email address and daytime/evening phone numbers), requiring a CVV, and using an Address Verification Service (AVS). An AVS is a tool that matches the purchaser’s address with the address on file with the credit card. If the match is approved within seconds, the credit card company sends an approval code to the merchant, completing the payment.

Get complete credit card information.

In a CNP transaction, you’ll need to ask the customer for the full name on the card exactly as it appears, plus the card type (MasterCard, VISA, etc.), the account number, and the full expiration date (make sure that the data is still valid). You’ll also want to ask for the card verification value (CVV) number, which is located on the back of the card. Since CVV numbers are never stored in a transaction, it’s difficult for criminals to access them without physically stealing the card. Because of this, CVV numbers have become an increasingly important tool in CNP fraud prevention.

Preventing chargebacks

A card, not present transaction can quickly lead to a “card not present refund,” aka a chargeback. Chargebacks — credit card refunds requested by the customer — can significantly impact your profits. Studies show that chargebacks can cost businesses approximately 0.47 percent of their yearly revenues.

Chargebacks are especially prevalent in remote CNP transactions because it’s easier for the cardholder to claim they didn’t authorize the charges. Likewise, a customer might commit “card not present refund fraud” by claiming they never received their items when they did.

A high chargeback rate can cause significant income loss and result in your merchant account being denied or suspended. In cases where fraud isn’t involved, these steps can help you prevent chargebacks:

Give full descriptions (and provide images) of your products, services, and prices.

Your online customers will see exactly what they’re paying for by giving full descriptions with plenty of photos and videos.

Give full disclosure on your return and cancellation policies.

Make sure your customers know what they can, and can’t, return.

Provide top-tier customer service

You can go a long way toward mitigating returns by answering all your customers’ questions and providing thoughtful, attentive service. In addition, you might be able to persuade customers to accept a substitute product instead of a refund.

Advantages of payment processing services

If you’ve been denied payment processing services because of high CNP transaction rates or other reasons, Zenti can help. With years of experience working with all types of high-risk industries, Zenti understands the unique needs of business owners and can provide you with a variety of effective solutions, including

• Multiple payment options for your customers, including credit card, debit card, and e-check payments

• Tools to track payments from the point of sale to processing and completion

• Automated billing customized to your schedule

• Fair, reasonable fees even for high-risk industries

If you’re looking for the best in top-tier merchant account services, contact Zenti to learn how we can help you get the payment processing you need to reach the next level of success.