What is Card Not Present (CNP) and 6 Tips to Reduce CNP Fraud

What is Card Not Present (CNP) and 6 Tips to Reduce CNP Fraud

Technology is advancing and more and more people are adapting to it, most importantly it is making people’s lives easier. With card processing payments, people don’t have to carry the cash, everytime they go out. They usually prefer making online payments (card payments) rather than cash. It is more safe than carrying cash around. 

If you are a business then you must have already known about the card not present (CNP). For all those wondering what it is? It is also a card payment where the cardholder does not have the card physically but still the payment is made. The payment can be conducted through mail, internet, mobile or telephone. The perfect example for such transactions are the payments one makes on e-commerce platforms. And these cnp payments cost more than normal transactions.

But the problem is that since the owner cannot see the cardholders card there are many cards not present fraud taking place. Such frauds are hurting the acquirers, merchants and issuers. The most common scenario of such frauds happen when the card information falls into the wrong hands or hackers. The hackers steal all the information relating to the cards through phishing, hacking or skimming. Once they gather all the relevant information they can perform transactions even if the card is not physically present. Simply put, they can carry out unauthorized transactions even if the card is not physically present with them. 

Technology is advancing, so are fraudsters. So the merchants should be extra careful of such frauds and protect them and their business from such fraudulent situations. It is not as easy as it seems. However, if proper precautions are not taken it may end up becoming an expensive affair for the business. 

Here are a few tips that will help you in reducing CNP fraud.

Collect customer details 

It is always better to have more information about your client, be it to save yourself from fraudulent situations or for sales and marketing purposes. If you validate the user id once, it will help you in cross-selling, upselling and good segmentation. You can gather all kinds of information such as email id, billing address, details of the device they have logged in from, phone number, IP address, and credit card details. 

Collecting all these details will help both you and your customers. Ask for their confirmation to collect the details, explain them the reason behind this. If they are okay with it, they will provide the information, if they are not you may lose a customer. However, it is advisable for you to take their consent before gathering the details and remember once you gather their details it becomes your prime responsibility to protect them too. So make sure your cyber security is inplace to protect your client details.

You can collect their information at three points throughout their journey. It can be either at the registration point, login or while processing the payments. Collecting information will help you in disputes relating to chargebacks. With the help of data you can prove if a customer is risky and refuse any suspicious payments and avoid CNP fraud. 

Data enrichment 

If you are wondering how to collect data then data enrichment is the answer for you. From financial institutions to e-commerce, every business is using these tools to gather information relating to their clients. The process of collecting data with these tools is simple, it collects data from one single point and uses this point to gather more data from external sources. Let’s make it clear for you with an example, By analysing the email address you can find all the platforms or websites registered using this email id. You can also find the country with just a phone number. With all this info you can detect suspicious candidates. If you take the help of the right tools you don’t even have to take your customer to extra authentication steps to gather data. But remember all this should be done by meeting the GDPR requirements. 

Look out for suspicious transactions

As you have already understood about collecting your customers data. And you will have enough data to gather insights about user behaviour. So keep an eye out for any suspicious behaviour. Although what is suspicious for one industry may not be the same for another industry. So understand your normal user behaviour and industry standard. Some of the redflags can be unusual number of chargeback requests, many number of login attempts for a single account, too many password change requests, frequent bulk purchases, multiple users using the same IP or server, usage of virtual machines, changing shipping address, etc. Looking out for such suspicious behaviours may save you intime from fraudsters. The reason behind this abnormal behaviour is that fraudsters work quickly, they will do multiple transactions at a single point to extract as much as they can before getting caught.

Follow best data protection practices

As mentioned above your job is not done once you collect or gather customer information. It is your prime responsibility to protect the customers data. You collect the data to save both you and your customers from Card Not Present fraud. However, that will not be the case if it gets into wrong hands. And not to forget the damage it will cause to your companies reputation and loss of trust between your business and your customers. Protect your client credit information as it is important to protect you and yourself from any potential CNP threats. You can use online tools like SSL, most importantly protect all the pages where you collect all the sensitive information such as social security numbers, addresses and credit cards. And also encrypt your data as efficiently as possible even if you’re sharing information with your staff members.

Check for small transactions too

There is no rule that all the fraudulent transactions should be of bulk purchases. Sometimes they can be small transactions too. To test the card the hacker may make a minute purchase. So always remember that all the fraudulent payments may not affect your business directly. Wondering how to find such fraudulent payments. Frequently check for small transactions that are followed by the big transactions. If you find anything suspicious check into it immediately if not it will damage your business. 

Dispute chargebacks 

You must be beware of friendly fraud too. This is one area that needs to be covered. Friendly frauds occur when the customers have changed their mind about their purchase and have claimed that particular payment is fraudulent. They may also use their real card and try to scam you by claiming chargeback. And the last case can be when other family members have used the card without authorization. Such claims are customers’ fault, if you have all the right evidence there is nothing to fear you can back your claim and win the dispute. So make sure to collect all the important information.


Similar to any other frauds the only way to mitigate the risk of CNP fraud is by planning ahead, being knowledgeable about the situation and being well-equipped. You can either use multiple layers of protection and full fraud prevention tools using different tools. Gather all the data and save your business from any CNP fraud. Always remember to keep any eye-out to find any fraudulent behaviour or suspicious user behaviour. Once you find them immediately take action. If you don’t act fast it may affect your business. Beware and always stay alert!!!


Tagged with
Translate »