card-not-present fraud (card-not-present transaction)

Contributor(s): Madelyn Bacon

Card-not-present (CNP) fraud is the unauthorized use of a payment card when the cardholder does not physically present the card at the time of the transaction.

In CNP fraud, merchants unwittingly process fraudulent transactions because the party committing the fraud has gained access to the information on the card's magnetic strip and knows the payment card number, the card's three-digit security code and the cardholder's name and address. Because the merchant never physically handles the payment card, there is not an opportunity to verify the cardholder's signature or request additional identification. The victim, who usually remains in possession of the compromised card, is typically unaware of the fraud until after the unauthorized activity has occurred. 

Content Continues Below

The information necessary to commit CNP fraud can be gained through a variety of methods including skimming, phishing and carding. Unlike transactions in which a card is present, the loss liability for fraudulent CNP transactions falls to the merchant which means the payment processor will charge the full value of the fraudulent purchase back to the merchant.

This was last updated in April 2015

Next Steps

Web fraud detection systems can reduce credit card fraud. This Buying Decisions series offers an introduction to Web fraud detection systems, compares the top Web fraud detection systems, and examines four scenarios where Web fraud detection is used in an enterprise, as well as criteria for buying Web fraud detection products

Continue Reading About card-not-present fraud (card-not-present transaction)

Dig Deeper on Hacker tools and techniques: Underground hacking sites

Join the conversation

1 comment

Send me notifications when other members comment.

Please create a username to comment.

I have gotten a few new cards lately. They now have the security chip and a few even offer to have your picture on the card. All fine if you are in a store and are using the card. Online purchases have no clue if you are the authorized user. My one question has been, if someone charge say a TV to my card as an online purchase. Why doesn't the credit card company go to the merchant and find out where it was shipped to? Go there and make an arrest if the merchandise is found.