Card-not-present (CNP) transactions are crucial for businesses operating online, by phone, or through mail. These transactions allow payments without a physical card being presented, making them fundamental to e-commerce but also exposing merchants to increased fraud risks and higher transaction fees. This article breaks down CNP transactions, explains how they work, highlights associated risks, and provides practical solutions to reduce fraud.
1. How CNP Transactions Work
Card-not-present transactions happen when neither the cardholder nor the card is physically available for the payment. These transactions typically occur in online shopping, phone orders, or recurring payments for subscription services.
CNP transactions require merchants to collect the following key information from customers:
- Card number
- Expiration date
- CVV (Card Verification Value)
- Billing address
This data helps verify the transaction, but the lack of physical presence makes CNP payments more susceptible to fraud than card-present (CP) transactions, where cards are swiped, inserted, or tapped on terminals.
Table 1: Comparison of Card-Present vs. Card-Not-Present Transactions
| Feature | Card-Present (CP) Transactions | Card-Not-Present (CNP) Transactions |
|---|---|---|
| Physical Card Verification | Yes (via chip, magstripe, NFC) | No |
| Fraud Risk | Lower | Higher |
| Verification Methods | Chip & PIN, contactless | Address, CVV, and 3D Secure checks |
| Processing Fees | Lower | Higher |
| Common Use Cases | In-person purchases, contactless payments | E-commerce, phone orders, recurring payments |
Examples of CNP Transactions:
- Online shopping: Customers provide card details at checkout.
- Phone orders: Customers give card information over the phone.
- Recurring payments: Subscription services automatically charge stored card details.
These methods are essential for businesses operating online or remotely, but they expose merchants to greater fraud risks, requiring stronger security measures.
2. Processing CNP Transactions
Merchants process CNP transactions through virtual payment gateways or terminals, which charge higher fees than CP transactions due to the increased risk of fraud. Payment processors such as Stripe, Square, and Braintree handle these transactions while offering fraud detection tools to protect merchants.
Transaction Fees for CNP Transactions
CNP transactions incur higher fees because of the greater risk involved. These fees typically include:
- Interchange fees: Paid to the card issuer (Visa, Mastercard).
- Assessment fees: Charged by the card network.
- Processor fees: Charged by the payment gateway or service provider.
For example, Stripe charges 2.9% + 30¢ for CNP transactions, while CP transactions are charged at a lower rate of 2.6% + 10¢.
Table 2: Sample CNP Transaction Fees (2024)
| Payment Processor | CNP Transaction Fee (% + fixed) | CP Transaction Fee (% + fixed) |
|---|---|---|
| Stripe | 2.9% + 30¢ | 2.6% + 10¢ |
| PayPal | 3.49% + 49¢ | 2.7% + 30¢ |
| Square | 3.5% + 15¢ | 2.75% |
Higher fees reflect the additional security measures needed to reduce fraud and the likelihood of chargebacks, where customers dispute transactions, leading to revenue loss.
3. CNP Fraud and Chargeback Prevention
CNP transactions are particularly vulnerable to fraud. Without physical card verification, fraudulent actors can exploit stolen card information. According to a LexisNexis report, every dollar lost to CNP fraud costs U.S. merchants $3.75. Fraudsters commonly use stolen card details for unauthorized transactions, causing significant financial loss for businesses.
Common Types of CNP Fraud:
- Card-not-present fraud: Unauthorized use of stolen card details.
- Chargeback fraud: Customers dispute legitimate charges to avoid paying.
- Online shoplifting: Fraudulent claims of non-delivery or defective products.
Key Fraud Prevention Methods
Merchants must adopt robust security practices to prevent fraud and reduce chargebacks. Here are the most effective methods:
- Address Verification Service (AVS): Verifies the billing address provided during a transaction against the one on record with the card issuer.
- CVV Checks: Requires customers to input the CVV code found on the back of the card, adding an extra layer of protection.
- 3D Secure Authentication: Provides an additional step where the cardholder verifies their identity through a one-time password or biometric authentication.
- PCI Compliance: Ensures that merchants follow security standards set by the Payment Card Industry (PCI), safeguarding customer card data.
Businesses should also consider partnering with fraud prevention services. Merchanto.org, a trusted partner of Visa and MasterCard, offers comprehensive chargeback prevention solutions. Merchants using Merchanto.org reduce the risk of disputes and fraud. Learn more here.
Table 3: Common Types of CNP Fraud and Mitigation Techniques
| Fraud Type | Description | Mitigation Techniques |
|---|---|---|
| Card-Not-Present Fraud | Unauthorized use of stolen card details | AVS, CVV checks, 3D Secure |
| Chargeback Fraud | False disputes by customers claiming non-receipt | Clear return policies, fraud detection tools |
| Online Shoplifting | False claims of defective or missing products | Require signatures for delivery, strong KYC |
4. Best Practices for Secure CNP Transactions
Businesses need to ensure secure processing of CNP transactions to avoid financial losses. Adopting the following practices will improve transaction security and customer trust.
1. Use a PCI-Compliant Payment Gateway
A secure payment gateway ensures encryption of card data, preventing unauthorized access. Stripe, Braintree, and Checkout.com offer PCI-compliant solutions with fraud prevention capabilities.
2. Collect Comprehensive Customer Information
At checkout, request full billing and shipping details, including phone numbers and email addresses. This helps verify the legitimacy of the transaction.
3. Implement 3D Secure
3D Secure adds another layer of security by requiring customers to authenticate their identity. This method is supported by Visa and Mastercard to prevent fraudulent transactions.
4. Monitor Transactions for Fraud
Use machine-learning algorithms to detect suspicious activities based on transaction behavior. Stripe Radar and other tools offer fraud prevention solutions by analyzing patterns such as location and frequency of transactions.
5. Provide Clear Return and Exchange Policies
A well-defined return policy reduces the chances of chargeback fraud. Customers are less likely to dispute transactions when a clear process is available for returns or exchanges.
Chargebacks and Their Impact
Chargebacks can severely affect a business’s bottom line. When a customer disputes a transaction, the business not only loses the sale but also faces additional fees. Merchants with a high rate of chargebacks may experience penalties, higher fees, or account suspension from payment processors.
Visa and MasterCard have strict guidelines for handling chargebacks, requiring merchants to respond quickly to disputes and provide adequate evidence to counter fraudulent claims. Collaborating with chargeback prevention services like Merchanto.org can help merchants avoid these issues.
5. Conclusion
Card-not-present transactions are a necessity for e-commerce and remote business models. However, they come with inherent risks and higher processing costs due to the lack of physical card verification. To mitigate fraud and chargebacks, businesses must adopt strong security measures such as AVS, CVV checks, 3D Secure, and PCI-compliant payment gateways.
