Everything you need to know about card-not-present transactions
In today’s world, digital payments have made buying and selling easier than ever, especially as more people choose to shop online. But for businesses, not all payments are equal. If you’re a business owner, you may wonder, “Why do online purchases sometimes cost me more in fees than in-person ones?” The answer often lies in what’s called card-not-present (CNP) transactions. These are payments where the cardholder and their card aren’t physically at the checkout. While CNP transactions bring convenience, they also carry unique costs and risks.
What is a card-not-present (CNP) transaction?
A card-not-present (CNP) transaction happens whenever the cardholder isn’t physically at the location to make a payment. In other words, there’s no card swipe, dip, or tap in person. Instead, card details are entered manually, usually through a website, over the phone, or by other remote means. This makes CNP transactions different from “card-present” transactions, where both the cardholder and their card are physically there for the payment.
So, what does this look like in real life? Think of online shopping: a customer enters their card details to buy something on an eCommerce site—classic CNP. Or maybe they call a store and read their card number over the phone to place an order, which is another example. Subscription services like streaming apps or gym memberships also often use CNP transactions because the payment is set up remotely and charged regularly. Each of these scenarios shows how CNP transactions make buying and selling easier from anywhere but come with added risks and higher costs for businesses.
The common types of card-not-present transactions
There are several common types of CNP transactions, each allowing customers to pay from a distance but with some differences in how they work. Here are the main types:
E-commerce transactions
Online shopping makes up a big share of CNP transactions. When a customer shops on an eCommerce site, they enter their card information at checkout without ever having to step into a physical store. This convenience is one of the main reasons CNP transactions have grown, along with the popularity of online shopping.
Mail order and phone order transactions (MOTO)
Mail order and phone orders might seem old-fashioned, but they’re still used by some businesses today. With MOTO, customers provide their card information over the phone or through the mail to complete a purchase. This type of CNP transaction is popular among companies that serve older customers or those who prefer a more personal touch instead of online shopping.
Subscription and recurring billing
Subscription-based businesses, like streaming services, meal kits, or gym memberships, rely heavily on CNP transactions. Here, customers sign up and enter their card details once, and the business then charges the card automatically on a recurring schedule. This setup is convenient for both the customer and the business, but since the payments are processed without the cardholder present each time, it still falls under CNP.
Invoicing and remote payment processing
For businesses that deal with other businesses (B2B), invoicing and remote payment processing are common CNP methods. A company may send an invoice to a client, who then pays remotely using card details. This setup allows flexibility for both parties and makes it easier to handle payments from a distance, but it also means the business takes on the added risk of processing CNP transactions.
Why are CNP transactions more expensive for businesses?
CNP transactions are convenient, but they come at a higher cost for businesses. Here’s why:
Increased fraud risk and its impact on costs
One big reason CNP transactions are more expensive is the higher risk of fraud. When a cardholder isn’t present, there’s no easy way to verify their identity or confirm that they’re the true owner of the card. This makes CNP transactions an attractive target for fraudsters, leading to higher rates of fraud and chargebacks. For businesses, each fraudulent transaction can mean lost revenue, additional fees, and a damaged reputation with payment processors.
Higher interchange rates and processing fees
Due to this added risk, card issuers and payment processors charge higher interchange rates and processing fees on CNP transactions. Interchange rates are the fees that businesses pay to banks and credit card companies for each transaction. With CNP, these rates go up because the banks see these transactions as riskier, and they want to cover the potential costs associated with fraud or disputes.
Cost comparison between CNP and card-present transactions
To put it simply, CNP transactions cost more than card-present ones. For example, if a business pays a 1.5% fee for card-present transactions, they might pay 2.5% or more for CNP ones. This difference can add up quickly, especially for businesses that rely heavily on online or remote sales. So, while CNP transactions allow businesses to reach customers from anywhere, they also mean accepting a higher cost per transaction.
The risks of CNP transactions: Fraud and chargebacks
Card-not-present transactions open doors for convenience, but they also come with notable risks, primarily around fraud and chargebacks. Here’s how these risks play out for businesses:
Types of fraud targeting CNP transactions
One of the most common threats to CNP transactions is stolen card fraud. In these cases, fraudsters use stolen card details to make purchases online or over the phone. Since the cardholder isn’t present to verify the purchase, the business is left vulnerable, with no straightforward way to confirm the buyer’s identity. Another issue is chargeback fraud, where a buyer disputes a legitimate purchase with their card issuer, claiming they didn’t authorize it. This leads to a chargeback—essentially a forced refund—which can be costly and damaging to the business.
Chargebacks: Financial and reputational impact on businesses
Chargebacks not only eat into profits but also impact a business’s reputation with payment processors. When a business experiences high rates of chargebacks, payment providers may see them as a risk, potentially increasing their fees or even suspending their accounts. Beyond the immediate financial hit, chargebacks can lead to damaged relationships with processors and future challenges in managing payments smoothly.
Factors increasing the risk of CNP fraud
Several factors make CNP transactions especially vulnerable. First, the anonymity of online transactions means the buyer’s identity isn’t as easily verified as in person. Without physical verification, like seeing a photo ID or matching a signature, businesses rely on digital tools to verify buyers—which isn’t always foolproof. Additionally, CNP transactions are usually conducted on unsecured networks or personal devices, which opens the door to data breaches and unauthorized access. Together, these factors make CNP transactions more prone to fraud and financial losses.
The cost-effective ways to reduce CNP processing fees
Reducing the costs of CNP transactions can help businesses protect their bottom line. Here are some effective strategies:
Implementing secure payment gateways
Investing in a secure payment gateway can make a big difference. Payment gateways that comply with PCI standards add a strong layer of security, protecting customer data and helping prevent fraud. With fewer cases of fraud, businesses can avoid some chargebacks and the additional fees they bring.
Utilizing Address Verification Service (AVS) and Card Verification Value (CVV)
AVS and CVV are two essential tools for fighting fraud. AVS checks the billing address provided by the buyer against the address on file with the card issuer, while CVV confirms the security code on the back of the card. Together, these tools help verify a customer’s identity, reduce chargebacks, and lower the risk of fraud—all of which can lead to lower processing fees over time.
Leveraging business relationships with processors
Building a good relationship with payment processors can lead to cost savings. Processors may offer lower rates or more flexible fee structures to trusted businesses with good track records. By working with processors and negotiating terms, businesses can find tailored solutions that reduce fees and make handling CNP transactions more affordable.
Key security measures to protect against CNP fraud
Strengthening security for CNP transactions is crucial in protecting customer data and minimizing fraud risks. Here’s how businesses can stay secure:
Maintaining PCI compliance
PCI compliance is a set of standards designed to protect card information. For businesses handling CNP transactions, meeting these standards is critical to ensure customer data is securely stored and processed. Staying compliant not only protects customers but also helps avoid penalties and reduces the chance of data breaches.
Using two-factor authentication (2FA)
Two-factor authentication (2FA) adds an extra step to the transaction process, requiring the buyer to verify their identity through a code sent to their phone or email. This added layer makes it harder for fraudsters to make unauthorized purchases, especially when they don’t have access to the buyer’s secondary device.
Encrypting sensitive customer data
Encryption is the process of converting data into a secure code that only authorized parties can read. By encrypting card information, businesses make it far more challenging for cybercriminals to access and misuse sensitive customer data, adding a vital layer of security.
Implementing real-time fraud detection tools
Real-time fraud detection tools monitor transactions as they happen, flagging suspicious activity immediately. These tools can detect unusual patterns—like rapid purchases from the same card or transactions from unexpected locations—helping businesses stop fraud before it results in a chargeback.
Customer identity verification best practices
For added security, businesses should verify customer identities by confirming billing and shipping addresses and requesting additional information when needed. Simple steps like these help ensure that the buyer is indeed the cardholder, which can reduce the risk of fraud and chargebacks in CNP transactions.
Best practices for managing CNP transactions effectively
Managing CNP transactions with care can help businesses avoid common pitfalls. Here are some best practices:
Training staff on secure payment protocols
Ensuring that all staff handling CNP transactions are trained on security protocols is crucial. This includes recognizing red flags for fraud and following procedures that minimize errors. With proper training, employees can act as a first line of defense against fraud.
Maintaining detailed transaction records
Keeping thorough records of all transactions helps in case of disputes or chargebacks. By having details at hand, businesses can easily track patterns, resolve issues, and maintain a paper trail that can serve as evidence if a transaction is challenged.
Monitoring transaction patterns and customer behavior
Regularly reviewing transaction patterns can help identify potential fraud. If a business notices unusual activity—such as high-frequency purchases or unusual order amounts—it may be a sign of fraudulent behavior. Proactive monitoring enables businesses to catch issues early and protect their operations.
Wrapping up
In the world of digital payments, card-not-present transactions offer unmatched convenience but come with unique challenges. From increased costs to the risk of fraud, handling CNP transactions effectively is crucial for any business. By understanding these risks and applying best practices, businesses can safeguard their operations, minimize fees, and provide a secure, reliable payment experience for customers.
FAQs
What is the difference between card-not-present and card-present transactions?
Card-present transactions occur when the cardholder physically presents their card at the point of sale, allowing for direct verification methods like chip-and-PIN or contactless payments. In contrast, card-not-present transactions happen remotely—such as online or over the phone—where the cardholder and card aren’t physically present, increasing the reliance on digital verification methods.
How can businesses verify cardholder identity in CNP transactions?
Businesses can enhance verification by implementing Address Verification Service (AVS) to confirm billing addresses, requiring the Card Verification Value (CVV) for added security, and utilizing two-factor authentication (2FA) to ensure the cardholder’s identity. These measures help mitigate fraud risks in CNP transactions.
What are common indicators of fraudulent CNP transactions?
Signs of potential fraud include unusually large orders, multiple orders from the same IP address in a short time, mismatched billing and shipping addresses, and orders from high-risk regions. Monitoring these patterns can help businesses detect and prevent fraudulent activities.
Are there specific regulations governing CNP transactions?
Yes, businesses must comply with the Payment Card Industry Data Security Standard (PCI DSS), which outlines requirements for securely handling card information. Additionally, in the EU, the Revised Payment Services Directive (PSD2) mandates Strong Customer Authentication (SCA) for electronic payments, including CNP transactions, to enhance security.
How do chargebacks affect a business’s relationship with payment processors?
High chargeback rates can lead to increased scrutiny from payment processors, higher processing fees, and, in severe cases, termination of the merchant account. Maintaining low chargeback ratios is crucial for sustaining favorable terms with payment service providers.