What is Card Not Present?
A remote purchase card-not-present (CNP)
transaction is one where the cardholder and the card are not present at the point-of-sale.
What is the risk?
Risk-mitigation technologies such as EMV chip cards have helped to significantly reduce card-present fraud rates.
As a result, criminals are increasingly looking to exploit CNP channels such as mail order/telephone order and e-commerce. Telephone-based payments represent an area of opportunity for fraud as this method of payment exposes account data in the clear and must be given full consideration in any security strategy and PCI DSS compliance program.
How does it affect my business or contact centre?
Simply put, without adequate protection your business is exposed to fraud.
Because the card and cardholder are not present, you are unable to physically check the card or the identity of the cardholder, therefore it is much easier for the fraudster to disguise their true identity.
Coupled with the fact that there are currently over 13.5 million compromised cards available to purchase on the dark web, you have never been more exposed.
You should be aware that a standard 'authorisation' from your payment service provider does not guarantee against fraud related chargebacks. This is because you may have not authenticated that it is the genuine cardholder who is completing the transaction.
It is your responsibility for ensuring that CNP transactions
are not fraudulent. If a fraudulent transaction is processed, then your business will be liable for the loss.