CNP fraud prevention: How to protect your business
Isn’t it nice to make an online purchase?
You get to skip having to go all the way to the store, searching the aisles to find what you need, and waiting in the checkout line to finally pay. To make an online purchase, all you have to do is open up your computer, put an item in your cart, and pay with stored card details.
It’s a convenient, easy, and frictionless way to pay.
These types of payments are classified as card-not-present transactions. Card-not-present – commonly known as CNP – transactions happen when customers buy things without using a physical card. There are several forms of CNP transactions, including online purchases, telephone, and mail-order purchases. Even using a stored card-on-file payment constitutes a CNP transaction, as the physical card does not have to be presented at the time of purchase.
The rise of the internet made card-not-present payments a growing market – and the global pandemic spurred its growth to new heights. Ecommerce sales in the US jumped 35 percent in 2020 from 2019, the equivalent of ten years of growth in just one.
But as always, with the reward, comes the risk. Merchants benefit from the skyrocketing growth of ecommerce, but they also have to deal with the downside: card-not-present fraud.
How does card-not-present fraud work?
Card-not-present or CNP fraud is an umbrella term for credit card scams that occur via online transactions, phone, or other virtual forms of payment in which a customer does not present a physical credit card and the transaction is conducted without the cardholder’s permission. By contrast, card-present fraud results when the card is physically present during a transaction.
It’s easy to understand why CNP fraud is more prevalent than card-present fraud. At the physical point of sale, there are more security measures in place using the physical features of the card itself, including EMV chip and PIN security protocols.
Scammers can go unnoticed more easily, avoiding the tougher security of in-person transactions. Merchants find it challenging to detect or prevent card-not-present fraud without the ability to physically check the credit card. The result? Once a fraudster gets ahold of a cardholder’s credentials, they can begin to make multiple purchases under the guise of a legitimate customer.
How do fraudsters acquire cardholder credentials?
CNP fraud often happens after a bad actor steals credit card information through tactics like social engineering attacks, account takeovers, and dark web data markets. Cybercriminals have several techniques to obtain credit card information and billing addresses, such as:
Social engineering attacks: Social engineering attacks involve tricks like phishing, smishing, and vishing. In these attacks, fraudsters get individuals to reveal their personal and payment information.
- Phishing uses fake emails or websites impersonating reputable organizations. Fraudsters trick victims into providing payment details.
- Smishing uses text messages with deceptive links leading to fake web pages or email addresses where the recipient is duped into providing their information.
- Vishing convinces victims to call a specified number to share their account details, often using spoofed caller identities and automated voice messages to appear trustworthy.
Account takeover: Account Takeover (ATO) fraud is the act of a bad actor gaining unauthorized access to a legitimate customer’s online account – usually as a result of a data breach or phishing techniques – without the owner’s consent or knowledge. When a bad actor obtains access to a customer’s online account, such as a bank account, email address, or social media profile, they can make fraudulent CNP transactions.
Dark web stolen data marketplaces: The dark web is a part of the internet that requires special software or authorization to access. Did you know that stolen credit card details are available to buy on the dark web? In fact, they’re not expensive, selling for an average of $14-$30 per card.
Cybercriminals get stolen card details in social engineering and account takeover attacks. They also breach databases to steal personal and private information. With the stolen information in hand, they turn to the dark web to sell it to other fraudsters. On the dark web, fraudsters can access websites and forums for market research, share insights on the most effective cards and issuers for specific types of fraud, and stay informed about the latest CNP fraud developments.
The impact of CNP fraud on merchants – more than financial woes
According to Statista, global CNP ecommerce fraud reached a value of USD 37 billion in 2024. CNP payments made up 73 percent of all card payment fraud last year.
The most glaring financial burden of CNP fraud is chargeback fraud – chargebacks that occur when a legitimate cardholder makes a purchase but later claims it was invalid. This happens when a fraudster makes a CNP transaction using stolen credentials and the rightful cardholder subsequently reports the transaction as fraud, resulting in a chargeback. Increasingly, however, consumers also file chargebacks to receive compensation under false pretenses. These fraudulent claims are also known as friendly fraud, or first-party fraud.
It’s a headache for merchants, who are responsible for the chargebacks. Riskified’s data shows that fraudulent chargeback claims make up around 50 percent of chargebacks. Merchants also face the possibility of exceeding the chargeback thresholds that credit card issuers employ and going into the credit card programs. Additional fees and fines can come into play, adding even more expense to the equation.
But there’s more to it than the devastating financial impact. Accumulating excessive chargebacks can negatively impact a merchant’s reputation. According to a Riskified survey, nearly 50 percent of consumers indicated they would not revisit a store following an incident of fraud. If customers think a merchant is vulnerable to fraud, it makes them less confident about shopping there.
Card-not-present fraud detection: Not a nice-to-have, a must-have
Preventing card-not-present fraud starts with recognizing that fraudsters seek weaknesses in organizations. Some of the most common weaknesses include an unsecured payment gateway, weak passwords, and unencrypted customer data. The following techniques can close potential vulnerabilities in your systems and help deter fraudsters from scamming your customers and infiltrating your organization.
Implement a fraud detection solution
Fraud prevention technology has evolved to detect and prevent all types of fraud, including card-not-present fraud. Here are some common approaches technology providers leverage to catch fraudsters in their tracks.
Rule-based model
Rules-based fraud detection involves a company defining a set of rules to decide which CNP transactions to approve and which to decline. Rule-based systems are typically rigid as they don’t automatically – or easily – adapt to evolving trends, which could lead to human-made errors like over-declining.
Scoring model
When a transaction is routed to a scoring solution, the solution generates a risk score. Merchants then set a threshold and define what happens with that score – whether the transaction is approved, declined, or manually reviewed.
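The rule-based and scoring models described above, side by side, as an added example that is not part of the original article and is not any vendor's implementation. The signals, weights, thresholds, and sample orders are all constructed assumptions, chosen to show a rigid rule over-declining a legitimate order that a score threshold would instead send to manual review.

```python
from dataclasses import dataclass

@dataclass
class Order:                     # all fields and values are constructed
    order_id: str
    amount: float                # order total, USD
    avs_match: bool              # billing address matched the issuer record
    ship_equals_bill: bool       # shipping address equals billing address
    card_orders_last_hour: int   # orders placed with this card in the last hour
    account_age_days: int

def rule_decision(o: Order) -> str:
    """Rule-based model: the first rule that fires declines the order."""
    if not o.avs_match:
        return "decline"
    if o.amount > 500 and not o.ship_equals_bill:
        return "decline"
    if o.card_orders_last_hour >= 3:
        return "decline"
    return "approve"

def risk_score(o: Order) -> int:
    """Scoring model: add assumed weights per signal, capped at 100."""
    score = 0
    score += 40 if not o.avs_match else 0
    score += 20 if not o.ship_equals_bill else 0
    score += 15 if o.amount > 500 else 0
    score += 35 if o.card_orders_last_hour >= 3 else 0
    score += 15 if o.account_age_days < 7 else 0
    return min(score, 100)

def score_decision(o: Order, review_at: int = 30, decline_at: int = 60) -> str:
    """Merchant-chosen thresholds map the score to an action."""
    s = risk_score(o)
    if s >= decline_at:
        return "decline"
    return "review" if s >= review_at else "approve"

ORDERS = [  # constructed sample orders
    Order("gift-from-loyal-customer", 650.0, True, False, 1, 900),
    Order("rapid-small-orders", 20.0, False, True, 5, 0),
    Order("ordinary-order", 80.0, True, True, 1, 200),
]

def compare(orders):
    """Return (order_id, rule outcome, score, score outcome) per order."""
    return [(o.order_id, rule_decision(o), risk_score(o), score_decision(o))
            for o in orders]

if __name__ == "__main__":
    for row in compare(ORDERS):
        print(row)
```

Lowering `decline_at` toward `review_at` makes the scoring model behave like the rigid rule set, which is how a threshold choice trades manual-review workload against declined legitimate orders.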
Machine learning-based decisioning
The widespread, global nature of CNP fraud creates a complex and dynamic fraud landscape that requires a solution that can analyze vast amounts of data in real-time. Machine learning-based decisioning can categorize, track, and analyze millions of data points within milliseconds and generate risk evaluation based on sophisticated models. It’s proactive, designed to self-optimize, and continuously adapts to emerging fraud techniques.
Countless global ecommerce businesses use machine learning for fraud detection and prevention. That’s because it empowers merchants to keep up with and effectively combat fraudsters on a large scale.
Find an accountable fraud prevention partner
Unlike scoring engines and other non-guaranteed fraud solutions, chargeback guarantee solutions provide an accurate decision – approve or decline – instead of a recommendation. This is also known as an accountable fraud model.
In an accountable model, the fraud and risk partner takes responsibility for the cost of fraudulent transactions they approve: the chargeback guarantee. This unique approach provides maximum protection against the ever-evolving threat of payment fraud. The incentive to absorb these costs drives accountable partners to make highly accurate decisions, utilizing real-time machine learning to effectively differentiate between legitimate customers and malicious actors.
How real merchants combat card-not-present fraud today
For companies in the live entertainment ticketing industry, card-not-present (CNP) fraud proves especially pervasive. Ticket marketplaces deal in digital products that are in high demand and easy to resell. One major ticketing retailer was combatting increasingly sophisticated and agile fraud attacks, especially during event sales with higher levels of fraud risk, such as big NBA showdowns or large musical artists.
This ticketing retailer put several tools in place to tackle both friendly and criminal chargebacks that occurred as a result of CNP fraud and also to contest illicit filings. They decided to test out a more automated model based on Riskified’s machine-learning approach and send all of the order volume through Riskified, which has lowered their criminal and fraud chargebacks by 50-75%.
Take control of CNP fraud
CNP fraud, unfortunately, is an ever-growing problem. It causes financial distress and reputation concerns and can result in losing customers. Sophisticated fraud solutions offer proven safeguards to protect your business from these risks.
Frequently asked questions
What is card-not-present (CNP) fraud?
CNP fraud is an umbrella term for credit card scams that occur via online transactions, phone, or other virtual forms of payment where a physical card is not presented and the transaction is conducted without the cardholder’s permission.
How do fraudsters obtain cardholder credentials?
Fraudsters commonly acquire card details through social engineering attacks like phishing, smishing, and vishing, as well as account takeovers and purchasing stolen data on dark web marketplaces.
What fraud detection approaches can merchants use to prevent CNP fraud?
Merchants can implement rule-based models, scoring models, or machine learning-based decisioning, with machine learning being the most adaptive option as it analyzes millions of data points in real time and continuously adjusts to emerging fraud techniques.
What is an accountable fraud model and how does it help with CNP fraud?
In an accountable fraud model, the fraud prevention partner takes financial responsibility for fraudulent transactions they approve through a chargeback guarantee. This incentivizes highly accurate approve or decline decisions using real-time machine learning.