Over the past decade, the Internet has reshaped how fraudsters target cardholder data.
Traditional storefronts rely on card-present transactions that utilize hardware and onsite equipment, making it more difficult for bad actors to gain unauthorized access to payment data.
But, the continued rise of card-not-present transactions gives fraudsters new avenues to access this data.
Insider Intelligence reports that CNP fraud accounted for nearly $9.5 billion in total losses in 2023, up 8.5% from 2022. Moreover, CNP fraud has grown in tandem with e-commerce growth, with retail e-commerce sales growing by 36.4% and CNP fraud loss increasing by 31.2% in the same period.
As a business owner and merchant, one of your core responsibilities is to protect your customers’ payment information both in-person and digitally.
Join us as we explore the difference between card-present and card-not-present transactions and the unique challenges each payment type presents.
Defining Card-Not-Present vs. Card-Present Transactions
Card-Present refers to transactions that happen in person, allowing you to verify a customer’s cardholder information and identity in person as well.
Card-Not-Present (CNP), on the other hand, refers to transactions where a card is not physically present. In most cases, CNP transactions occur when customers make digital payments. However, CNP transactions can also refer to instances where a customer has their card information (such as the card number, PIN, and zip code associated with the account) but does not physically have the card with them.
Both card-not-present and card-present refer to transactions involving card payments.
The key distinction between the two types of transactions comes down to the nature of the transaction and whether or not the card information is obtained by manual entry versus a swipe or a tap. . Each transaction has its benefits and challenges, making it crucial to consider both when setting up your merchant accounts and storefronts. If your business is primarily or entirely online, you must pay special attention to the challenges of CNP transactions.
With this in mind, let’s look at the challenges of both to demystify their differences further.
The Challenges of Card-Present Transactions
Card-present transactions offer several advantages for traditional brick-and-mortar storefronts. As a result, many physical businesses still rely heavily on card-present payments.
The main advantages of card-present transactions are greater control over security and reduced transaction costs. Card-present transactions allow you to leverage physical hardware and point-of-sale systems to verify the ownership of the card, ultimately lowering the chance of fraudulent payments that can lead to troublesome chargeback processes.
However, while the presence of physical equipment can increase the safety of payments, it can also prove to be a cumbersome part of the transactional process. The primary challenge of card-present transactions is tied to this need for hardware and the possibility of hardware failures, as well as the need to safeguard card readers and other equipment from card skimming.
Additionally, relying solely on card-present transactions can severely limit your ability to expand your business. By venturing into digital territory and enabling CNP transactions via your online storefront and other digital channels, you can reach new customers and increase revenue.
The Advantages & Challenges of Card-Not-Present Transactions
Card-not-present transactions provide many key advantages to your business that make them worthwhile to add to your payment stack. Namely, enabling CNP transactions allows your business to operate remotely, provide customers with digital access to products and services, and expand into new regions.
Meanwhile, the most well-known challenge of card-not-present transactions is an increased risk of fraud.
Thinking back to the Insider Intelligence report discussed earlier, CNP fraud made up roughly 73% of all card payment fraud in the last year. One of the major factors that make CNP transactions so risky is that you cannot verify the cardholder’s information and identity in person, requiring you to verify a cardholder’s validity through digital channels instead.
This need for remote fraud prevention presents several challenges, such as:
- Identity Verification: Verifying a customer’s identity in a CNP scenario can be tricky and requires the right mix of payment tools and services. Some of the most common measures to verify cardholder identity digitally include asking for a card’s PIN or CVV, as well as asking for a zip code and billing address.
- Disputes & Chargebacks: Payment disputes and chargebacks can occur at higher rates when dealing with online purchases and CNP transactions. Additionally, payment processors often consider CNP transactions to have a higher chargeback risk, often resulting in your business being faced with higher fees and higher overall fraud liability.
- Customer Trust: CNP transactions provide customers with greater convenience but can also pose threats to overall customer trust. To transform first-time patrons into returning customers, you must provide a smooth and secure online transaction process in which customers feel comfortable sharing their payment information.
How Tokenization Adds Another Layer to Help Overcome Card-Not-Present Challenges
In today’s modern payment environment, achieving the most effective approach to payment security requires innovative technologies and methods — such as tokenization.
The tokenization process replaces sensitive payment data with non-sensitive tokens that hold no intrinsic value on their own. Through the tokenization process, you can store original payment data securely within a token vault and substitute tokens in place of the payment data within your systems and applications.
Many CNP fraudulent transactions are a result of a card number or Primary Account Number (PAN) which has been captured by fraudsters as part of a data breach or other theft of the card details. As mentioned, if a token is exposed to a fraudster it cannot be used for transactions elsewhere preventing the fraudulent transaction before the attempt even happens.
Additionally in a CNP payments strategy, tokens work best with complementary tools like Account Updaters that keep cardholder information up-to-date to keep returning customers or subscription payments flowing without interrupt. Tokenization can be especially useful if you are storing sensitive data for extended periods or need stored data to be regularly updated for recurring payments.
Protect Your Payments with Spreedly
Succeeding in today’s business landscape requires digital innovation — particularly in the realm of payments. At Spreedly, our payment orchestration platform provides you with all the essential tools and services you need to secure your customers’ payment data, including network tokenization.
Plus, Spreedly’s recently launched Advanced Vault optimizes your payment methods by combining network tokenization with modern lifecycle features and data-enrichment tools.
Speak with the Spreedly team today to start safeguarding your CNP transactions.