Credit card processing fraud is a major issue for retailers. Not only can a breach of security cost a significant amount of dollars in the immediate term, it can negatively impact a company’s reputation, costing them customers and brand value in the long term. If your customers can’t trust you’ll keep their data secure, they will be less likely to keep doing business with you. This is true in both the ever-expanding ecommerce space and in the brick and mortar retail space. 

Young florist, on the phone, while working on her laptop, making sure she’s taking action to prevent credit card-not-present fraud.

EMV (which stands for Europay, Mastercard and Visa) changed the game when it comes to securing physical card payments. In fact, according to a March 2018 Visa report, American chip-enabled merchants saw a 76% reduction in fraud. While this technology has been a boon for both brick and mortar retailers as well as consumers, card-not-present (CNP) fraud has been surging. In fact, Juniper Research projects retailers will lose $71 billion to CNP fraud from 2018-2022.

This begs the question: what can be done to protect both parties when the physical card is not a part of the transaction (e.g. during online transactions)? We’ll dive into that topic in this piece. By the time we’re done, you’ll understand what CNP fraud is, why retailers should care, and what card not present fraud prevention tools you can use to protect yourself from this real threat.

What is card not present fraud?

Card-not-present fraud is very much what its name implies: a type of payment card fraud that occurs when the physical card is not used. In today’s day and age, this means that online and over the phone payments are the common targets for CNP fraud. However, CNP fraud can also occur with mail order payments. Basically, anywhere a card is charged for a payment but is not interfacing with some sort of credit card processing machine, card not present fraud could occur.  

Why should you care about CNP fraud?

Now that you understand what CNP fraud is, why should you care? Well, if you do any sort of card not present transactions, there are a number of compelling business reasons to take CNP fraud and CNP fraud prevention very seriously. We’ll run through a few of the major points here.

Liability.

In many cases, the merchant accepting a CNP payment is often responsible if a fraudulent transaction occurs. What this means is CNP fraud can hurt your bottom line. Not only may you need to issue a refund for products or services, you may find yourself eating shipping costs and incurring additional fees.  

Reputation, customer satisfaction, and trust.

Being a victim of CNP fraud is not a pleasant experience. If your customers fall victim to this sort of scam, you don’t want your brand associated with the trouble. Not only does it create a hassle for you and your customer in the short-term, you become linked with a negative experience in their minds moving forward. This is awful for your brand. Further, if it appears your business did not do its due diligence to protect your customers from this sort of fraud, you could significantly sully your company’s reputation, leading to negative word of mouth reviews and loss of trust in your company. The takeaway here is clear: if you care about your customers, you should care about preventing CNP fraud.

Additionally, implementing strong, visible security measures can have a positive impact on your brand in the eyes of customers. Doing so shows you take their card information seriously and will invest in protecting them. Don’t think your efforts will go unnoticed. Customers care about this sort of thing, in fact, according to Experian, 66% of consumers said "I like all the security protocols when I interact online because it makes me feel protected" (PDF).

Card not present fraud prevention.

Now that we’ve reviewed what CNP fraud is, and why you should care about it, let’s discuss how you can prevent it. There are a number of best practices you can implement to help make sure you stay a step ahead of the fraudsters and keep your customers and your business secure. Here, we’ll dive into some of the most effective.

Use a secure virtual terminal.

A secure virtual terminal is an excellent way to maximize the security of your online and MOTO (mail order telephone order) transactions. For example, our virtual point of sale (VPOS) solution is able to securely accept payments using a web-based application. Our VPOS is able to keep your customer’s card information secure and help mitigate your exposure to CNP fraud with features such as constant monitoring, end-to-end encryption, tokenization, and elimination of customer details once a transaction is complete. As an added benefit, our VPOS is easy to configure. Using a web-based interface, there is no additional hardware that needs to be added to your existing software suite.

By leveraging a secure virtual terminal, you enable your business to take a holistic approach to card not present payment processing. Ideally, you want to leverage a solution that is robust and holistic, but we’ll drill down into some other specifics of card not present fraud prevention that users of more or less any system can benefit from understanding.

CVV2 numbers.

Ever wonder what those numbers on the back of your credit card are for? Why do you often have to enter them for online transactions?

These numbers are called CCV2 numbers (CCV stands for Card Verification Value). These three or four digit numbers help payment processors confirm that you actually have the physical card you are paying with and didn’t just steal the credit card number somehow. While it’s not 100% foolproof, it is a solid way to help minimize CNP fraud. If you don’t have the CVV2 number, you must not have the card. Ensuring your ecommerce payment processing pages prompt for CCV2, and validate CCV2 numbers, is an important part of card not present fraud prevention.

Address verification service (AVS).

Address Verification Service a.k.a. AVS is another common CNP fraud prevention measure. This method is similar to the use CCV2 number in that it forces the user to input some information other than the card number (which they may have stolen). Where it differs is that the address of the cardholder isn’t actually on the card. This means in addition to having the physical card, someone wishing to commit CNP fraud would also need to know the address on file with the issuing bank. This additional hurdle makes card not present fraud more difficult.

Respond quickly.

Sometimes despite your best effort, a fraudster may succeed. In addition to doing everything in your power to prevent this from happening, you need to be prepared to respond quickly and professionally in the event it does occur. Not only does this mean that effective monitoring and analytics are important, it also means that your business need to have a response plan in place. No one wants to be a victim of CNP fraud, but if it occurs, do what you can to mitigate the negative consequences. Quick responses help reduce negative impact in these cases. Further, getting into the practice of quickly responding to fraud helps you position yourself to minimize your liability in the event a fraud claim isn’t legitimate.

Need more help? Contact the experts!

We hope this piece helped you understand the basics of CNP fraud and card not present fraud prevention. If you have more questions, or would simply like to drill down further and learn about what solutions we can offer you, contact our dedicated team of experts today. Here at North American Bancard, we have been serving the payment processing industry for over 25 years, and make it our mission to help the businesses of our customers prosper. We are uniquely capable of helping you get the most effective payment processing solution for your business, and truly enjoy helping businesses thrive.

Contact NAB today and see how easy it is to get the merchant services you deserve.