Prevent card-not-present fraud: tips for individuals and businesses

Prevent card-not-present fraud: tips for individuals and businesses

Genome’s team is back with yet another article that dives into different types of fraudulent financial situations that people and businesses can face. And this time, card-not-present fraud is on the agenda.

Want to know how to avoid scams associated with card-not-present transactions? We gathered some tips below.

What is a card-not-present transaction? 

Before we get to the fraud part, let us first explain what card-not-present transactions are in general. 

Card-not-present transactions (also known as CNP transactions) are the type of payments a person makes with their debit or credit card. Such payments happen remotely, meaning that the card and its owner are not present at a store or another physical location during the payment and don’t interact with POS terminals. Simply put, most card-not-present transactions occur online.

Examples of card-not-present transactions

The most common card-not-present transaction example is, of course, an online purchase. For instance, you are online shopping for curtains. To buy the curtains you like, you need to add them to the cart. Next, you will need to fill out the online payment form with your card details and complete the purchase, which is considered a CNP payment.

Other examples of card-not-present transactions include subscriptions. You see, recurring payments that you set online also don’t require your presence at the store. Thus, your magazine or Netflix subscription is a card-not-present transaction. 

What is card-not-present fraud?

As people’s online activity grows, so does the number of card-not-present transactions. And with something as common as CNP transactions, it is no surprise that criminals will try to exploit them.

It is where card-not-present fraud (aka CNP fraud) comes into play. This type of fraud occurs when malicious actors obtain a person’s card details and use them for CNP transactions. 

Such fraud cases are common, as it is easier for scammers to fish out card details and then make purchases online, where no one can see them, instead of, say, ATM skimming, where they need to physically install skimmers to steal card data and create card copies.  

Card-not-present fraud is also very harmful to merchants. You see, the cardholder is likely to request a chargeback once it is discovered that the CNP fraud has occurred. And chargebacks are a significant blow to merchants’ funds as well as stability in the eyes of banks and major card brands. Not only that, but merchants bear the loss for card-not-present fraud if their website is not equipped with 3DS tools. 

Open an account

in Genome online

Get Started

How to avoid card-not-present fraud as a cardholder

Whether you own a credit or a debit card, you still need to be careful about how you use it online. We have some advice on how to prevent card-not-present fraud and keep your finances secure:

Be wary of the websites you use. When shopping online, make sure you use trustworthy and reputable websites. Look for the padlock symbol in the address bar, and check that the web address starts with “https://” to ensure your data is encrypted. Avoid making purchases from unfamiliar or suspicious websites.

Give a chance to antivirus. Protect your computer, smartphone, and tablet with up-to-date anti-malware software. Ensure your operating system and applications are regularly updated to fix vulnerabilities that fraudsters may exploit.

Strong passwords are your best bet. Create unique passwords for your online accounts. Avoid using easily guessable information like birth dates or “password” as your password. Consider using a combination of letters, numbers, and special characters, and use a different password for each online account.

Multi-factor authentication must be standard for all accounts and apps.

Whenever possible, enable it for your online accounts and apps. Multi-factor authentication adds an extra layer of security by requiring you to provide two or more forms of authentication (e.g., a password and a temporary code sent to your phone) before you can access your account.

Check your transactions and statements on them. Frequently review your bank and debit/credit card statements. Look for any unauthorized or suspicious transactions. If you spot any, contact your financial institution immediately to report the issue.

Remember about phishing. Phishing, smishing, and vishing are types of fraud during which a criminal tries to trick a person into sharing their personal data via an email, text, or voice call respectively. Beware of phishing attempts, as scammers can try revealing your card information or login credentials. Verify the sender’s authenticity, avoid clicking on suspicious links, and never provide personal or financial information via email.

Use virtual cards and digital wallets. Consider using virtual cards or digital wallets for online purchases. These services provide an extra layer of security by generating a unique, temporary card number for each transaction, limiting exposure to your actual card details.

Tips on preventing card-not-present fraud for companies

Strong authentication methods are a must. It is the basic and fundamental method to prevent card-not-present fraud. It involves verifying the identity of the cardholder through multi-factor authentication. For example, you could implement mandatory authorization (password) plus mobile validation or a security token for confirmation. Any of these will be helpful. Such authentication methods make it significantly harder for fraudsters to gain unauthorized access to accounts or make fraudulent transactions.

Use the Address Verification System. Implement an Address Verification System (AVS) as part of your payment processing system. It is a simple method to authenticate ownership of a credit or debit card used by a customer. AVS checks the numerical parts of a customer’s billing address against the information on file with the card-issuing bank. To put it simply, this is another effective way to confirm the legitimacy of a transaction. Merchants can use AVS to decline transactions with address mismatches automatically.

Try new technology. Implement advanced fraud detection systems that use machine learning and artificial intelligence to monitor and analyze online transactions in real-time. These types of systems can identify unusual patterns or behaviors that may indicate fraud and respond swiftly to mitigate risks.

Fraud detection systems can enhance transaction data with additional information, such as geolocation, device fingerprinting, and historical transaction records. This enriched data aids in making more accurate fraud determinations.

For example, if a customer suddenly makes a large, unusual transaction from another country, the system may flag it as potentially fraudulent. 

Of course, not all fraud detection systems have this type of protection, but it is worth trying.

All in all, card-not-present fraud is a real threat in the digital age. Every year, the rapid growth of e-commerce will lead to increasing risk for merchants and customers, but by following these practical tips and staying vigilant, you can reduce your risk and protect your financial well-being. But remember – online security is a shared responsibility between consumers and businesses.

Also, if you are looking into improving your financial security, we recommend checking Genome. We provide multi-currency accounts for individuals and companies. All the log-ins, outgoing payments, and other related operations are protected by two-factor authentication. Genome is licensed and supervised by the Bank of Lithuania and is PCI DSS and PSD2 compliant.  

Open an account

in Genome online

Get Started


How do I protect my card from not present fraud?

As we mentioned above, there are a few things you can do to improve your card’s security when it comes to CNP fraud. First and foremost, you need complicated and unique passwords for all your accounts and apps. You must also be mindful of phishing – do not share your passwords and credentials, and don’t click on links you receive via emails, texts, and messengers. 

How do you deal with credit card fraud?

If you suspect that you have become a victim of card-not-present fraud, you must immediately contact your bank or payment provider. They will advise you on the further steps you can take. 

What is an example of card-not-present fraud?

Imagine this scenario: a criminal committed a successful phishing attempt by tricking a person into sharing their credentials on the fake website that the scammer created. This malicious actor will now use this information to make a CNP payment, for instance, to buy an expensive computer.  

How does card-not-present fraud occur?

CNP fraud happens when scammers get a hold of the cardholder’s personal and financial data. They use the stolen information to make online purchases, pretending to be the cardholder.