All you need to know about card-not-present transactions
Fintech Tips / 20.07.2020
With the rise of e-commerce, online shopping and the shrinking of our world into a global village, there’s also been a need for increased payment convenience to cater to a clientele that’s not physically present when making a payment.
This has appeared in the form of card-not-present (CNP) transactions.
Also referred to as MO/TO or Mail Order/Telephone Order transactions, they offer a wide range of convenience for customers who are far away from the merchant.
But what exactly are CNP transactions and are they safe?
Find out in this blog post!
What is a card-not-present transaction?
There are several definitions of card-not-present transactions.
In short, it means that the customer is at a physical distance from the merchant, the merchant doesn’t see or have any physical access to the card and only enters the details provided by the customer on a “virtual terminal”.
Some define a MO/TO transaction as a “payment card transaction made where the cardholder does not or cannot physically present the card for a merchant’s visual examination at the time that an order is given and payment effected.”
While this is an effective definition, there is a further element to this payment type and it entails “any sale processed that does NOT capture the electronic data of the card at the time of the sale.”
The likelihood of fraud
While there’s been a rise in MO/TO or CNP transactions over the past decade, there are some associated risks with this type of payment, namely, fraud.
This is a natural extension of this payment method, as someone who may have gotten hold of your card can use it for fraudulent purposes without the merchant being able to physically examine the card being presented to them, thus raising the risks.
Some of the reasons why these types of transactions are more prone to fraud include the fact that they’re not protected by Chip & PIN, they’re taken at the merchant’s own risk, the merchant can’t check if the card is genuine and the merchant is unable to verify the cardholder’s identity.
In fact, in the UK, statistics show that in 2019, 470.2 million GBP in CNP transactions were reported as fraudulent, up from 110.0 million GBP in 2002.
Meanwhile, other research indicates that 76% of CNP fraud took place in 2018, up from 61% in 2009.
The picture is not as grim as it seems, however, as not only do many merchants like hotels and car rental agencies rely on card-not-present transactions, but there are ways of mitigating your risk and the fraud discussed above.
Best practices to prevent fraudulent transactions
One consequence of fraud discovered by the cardholder for merchants is that merchants can expect to pay chargebacks for the fraudulent card-not-present transaction in question.
Luckily, merchants can limit their exposure to fraud through a variety of “fraud screening tools” that help identify suspicious activities or high-risk transactions, and accept card details over the phone or via email safely.
Let’s take a closer look at some of these tools to help you minimise your risk.
1. SafeKey, Verified by Visa and Mastercard secure code
In a CNP environment, the world’s major card issuers provide some services for authenticating cards.
American Express uses a solution called “SafeKey”, while VISA offers the “Verified by Visa” service which helps “authenticate the identity of cardholders while making a purchase over the internet.”
The way in which identity is authenticated is through a prompt issued for the card owner to enter a password known only by them. This is specialised software which recognises the card on the merchant’s site or payment gateway.
On the other hand, Mastercard offers the “Mastercard SecureCode” service.
Through these added tools, the risk of fraud passes from the merchant to the card issuer.
2. Address Verification Service
While this service is generally limited to the UK in Europe, it’s another form of limiting CNP fraud.
It generally entails the checking and validation of the cardholder’s billing address.
3. Card security code or CVV number
The CVV number is a usually three-digit code at the back of a card, which a merchant will request when receiving a CNP transaction.
Requiring the CVV from the customer is another way of minimising fraud as it ensures that the cardholder has the physical card in front of them.
This may be difficult for some fraudsters who may only have the card’s front details available such as the card’s PAN number and the expiry date.
4. Examine the card’s details
To prevent chargebacks, merchants are encouraged to ask their customers for some of the following information when making CNP transactions:
- Name of the cardholder as it appears on the card
- The expiration date of the card
- Billing address
- CVV number
- Phone number and/or email address
- Account number
5. Other best practices
There are some tell-tale signs of fraudulent activities and steps you can take to reduce these.
Firstly, if you receive an online order, collect your customer’s telephone number and call them to confirm the transaction.
Secondly, costly priority shipments are another indication of possible fraudulent activity.
And finally, if you have repeat customers who make a purchase that seems out of the ordinary, get in touch with them to ensure it’s really them.
This will help you validate the transaction.
Also, make sure you as a merchant are PCI DSS compliant.
This is an important industry practice that will help you reduce the risks of fraudulent activities when accepting MO/TO payments.
The myPOS MO/TO Virtual Terminal
As convenient as a POS terminal, the myPOS MO/TO Virtual Terminal is a safe and secure way of accepting payments from around the world in your free myPOS account with a free IBAN.
Plus there are several benefits to using a MO/TO Virtual Terminal to accept payments.
For example, you can:
- Use it from your computer, phone or tablet, making your business even more mobile
- Use the myPOS mobile app to track your transactions in real-time
- Grant specific access to employees, enabling them to accept payments as well
- Process MO/TO transactions directly from your account
- Enjoy the complete freedom from the need to install software or additional hardware-And more!
In order to make use of this service in your business, you will need to go through a verification process for our team to determine if you’re eligible for it.
Once done, you’re on your way to accepting safe and secure MO/TO payments!
And the best part is that at myPOS, we follow strict security standards and procedures, so any risk of fraud is minimised.
Sign up for MO/TO payments acceptance today!
MO/TO – or CNP – transactions are gaining in popularity and they’re an essential source of income for many merchants.
With the myPOS MO/TO Virtual Terminal, this is an easy solution to all your CNP payments acceptance transactions!