Card-not-present (CNP) fraud

Entersekt | Encyclopedia | Card-not-present (CNP) fraud
What is card-not-present (CNP) fraud?

Card-not-present (CNP) fraud refers to unauthorized banking transactions made without the physical presence of a customer’s payment card. This type of fraud typically occurs in online and remote transactions, where the cardholder's card details are used without their knowledge or consent. CNP fraud includes activities such as fraudulent e-commerce purchases, unauthorized phone or mail-order transactions, and internet scams aimed at capturing a customer’s card information.

What are the most common CNP fraud trends?

As payment technology evolves, so do the tactics that fraudsters use. Here are a few key trends shaping CNP fraud:

  • Account takeover: Fraudsters gain unauthorized access to user accounts, allowing them to make fraudulent transactions without alerting the cardholder.
  • Synthetic identity theft: Criminals combine real and fake information to create fictitious identities, enabling them to open fraudulent accounts and make online purchases.
  • Data breaches: Breaches of customer data from websites, banks, or merchants provide fraudsters with access to valuable personal information to commit financial fraud.
  • Friendly Fraud: Sometimes referred to as chargeback fraud, this occurs when a legitimate cardholder disputes a transaction they made, leading to financial losses for the business.

What is the best way to prevent card-not-present fraud?

Protecting against card-not-present fraud requires a proactive approach from both consumers and businesses.

Financial institutions that utilize modern customer authentication can protect their customers from CNP fraud. Implementing multi-factor authentication, risk-based authentication and context-based authentication tools that include measures such as biometrics or tokenization, strengthens transaction security and reduces the risk of fraudulent activity.

Consumers should try to limit their digital transactions to verified websites and merchants only. By conducting online transactions with reputable and secure websites and merchants, they can significantly reduce the risk of becoming a victim of CNP fraud.

Card present vs card not present fraud

Card-present fraud occurs when a customer’s physical bank card is used for unauthorized transactions. Card-not-present fraud, on the other hand, refers to situations where the cardholder is not physically present at the point of transaction. CNP fraud is more prevalent in online shopping or digital banking, whereas card-present fraud typically occurs in a physical retail store.

Additional resources:


Card-not-present fraud | Account takeover (ATO) fraud | Identity theft