Card Not Present Fraud in 2022
02/03/2022
Card-not-present (CNP) fraud is constantly evolving; starting with the computerisation of payment networks in the ‘70s.
We have seen this type of fraud shift and transform, from the early days when fraudsters had to go ‘trashing’, through the Dotcom boom, to today’s cybercrime landscape populated with bots, VPNs and sophisticated human-initiated attacks.
However, with all the various attack typologies available to fraudsters, what’s the draw when it comes to CNP fraud?
Payments are big business. So big in fact that UK Finance’s Fraud the Facts 2021 report shows that card-not-present fraud constituted 85.3% of all card fraud reported in the previous year – a staggering number. It should come as no surprise, therefore, that an estimated $200 billion will be lost to online payment fraud by 2025.
Fraudsters understand that CNP presents a weakness for both businesses and consumers – and they are investing in their criminal trade – the risk is worth the reward when it comes to CNP fraud.
The lucrative nature of this type of fraud means that fraudulent attacks are becoming increasingly sophisticated and complex, and the style of attack is evolving on a daily basis.
Essentially, CNP fraud is getting harder to detect and more difficult to prevent.
How does Card Not Present (CNP) Fraud Work?
This type of fraud takes place when a transaction is made over the telephone or online. It’s an illegal payment that’s made when the merchant is unable to make a visual check.
This is a very challenging credit card scam due to the fact a fraudster or bad actor obtains stolen card information like card number, name, and three-digit security code.
It has been reported that in 2022 fraudsters can purchase illegal credit card numbers for as little as £7 and payment data for around £200 from the dark web.
How to reduce Card Not Present (CNP) Fraud
Make sure you gather as much customer data as possible. The type of data you should obtain includes:
- Customer email address
- Contact billing address
- IP address Credit card number, including the 3-digit CVV code from the back of the card
- Customer phone number
- As much information you can learn about the device used by the applicant/customer
In this video Kate Dunckley and Ellie Burns discuss how to address CNP fraud while also optimising 3DS customer card authentication payment workflows.
Understanding the CNP journey
The key to combatting rising levels of this fraud is to better verify the digital identity of customers during the transaction process. However, the challenge facing the financial services industry is how to do this effectively without creating excessive friction in the sales process.
In low-risk scenarios, merchants can choose to accept liability of a payment transaction and reduce any unnecessary friction.However, when the level of risk is high, they will send the transaction for additional card issuer authentication checks through 3-D Secure; delegating the liability to the card issuer, which may create more friction.
This makes it critical that the merchant, acquirer and issuer work together to reduce friction in the checkpoint process, while maintaining tight fraud controls.
How to solve the issues of Card Not Present fraud in a remote purchase environment
CNP Fraud Solutions
LexisNexis® ThreatMetrix digital identity intelligence provides a unified view of trust and risk across the entire customer journey, from account creation, to login, change of details, and payments.
Our market-leading digital identity intelligence comes with an intuitive risk engine enabling flexible rules management, behavioural analytics and machine learning, in addition to providing a wide range of authentication solutions.
Card Not Present Fraud: Solution Guide
Being able to confidently differentiate between genuine and fraudulent transactions in a card-not-present (CNP) transaction can be a challenging task. This guide is helpful if you would like to reduce transaction risk assessment rates, drive down CNP false positives, reduce losses to CNP fraud, or balance frictionless customer experience with reduced risk.
The time has never been better to get ahead of CNP/remote purchase fraud. View our CNP fraud defence guide now.
Summary
Card-not-present fraud statistics
UK Finance’s Fraud the Facts 2021 report shows that in 2020 card-not-present fraud constituted 85.3% of all card fraud reported – a staggering number. It should come as no surprise, therefore, that an estimated $200 billion will be lost to online payment fraud by 2025.
There was over 1.4 Million instances of card fraud in the UK. It has been reported that in 2022 fraudsters can purchase illegal credit card numbers for as little as £7 and payment data for around £200 from the dark web.
Why is Card Not Present fraud popular?
This type of fraud is popular because fraudsters understand that card-not-present fraud presents a weakness for both businesses and consumers. The risk is worth the reward when it comes to CNP fraud for many financial criminals.
What is Card Not Present fraud?
Card-not-present fraud takes place when a transaction is made over the telephone or online. It’s an illegal payment that’s made when the merchant is unable to make a visual check.
Why do fraudsters use gift cards?
Gift cards, enable fraudsters to be more anonymous. Fraudsters use stolen credit cards to buy e-gift cards and then try to make money by selling them on.
How to prevent Card Not Present fraud?
Make sure you gather as much customer data as possible. The type of data you should obtain includes: customer email address, contact billing address, IP address, credit card number, and phone number.
How does Card Not Present fraud occur?
Card-not-present fraud occurs when a transaction is made over the telephone or online. It’s an illegal payment that’s made when the merchant is unable to make a visual check.
Can your business spot the good from the bad?
Detect and prevent card-not-present fraud to protect customers and reduce losses, while maintaining a seamless customer journey.
