Card-not-present transaction fraud has been on the rise in recent years. A 2018 study from the Federal Reserve showed that card-present fraud in the U.S. declined from $3.68 billion in 2015 to $2.91 billion in 2016, while e-commerce and card not present fraud jumped from $3.4 billion to $4.57 billion during the same period. However, the COVID-19 pandemic caused lockdown mandates and the world went digital. As a result, online shopping volume increased significantly, thus increasing incidents of card-not-present (CNP) fraud. At the onset of the pandemic, online and recurring payments accounted for 66% of all payment fraud loss. It is imperative that businesses successfully navigate the new normal by stopping fraudsters in their tracks.
What is a card-not-present transaction?
A card-not-present (CNP) transaction occurs when neither the cardholder nor the credit card is physically present at the time of the transaction. The customer simply enters their credit card number, the CVV and their billing address. The most common CNP transactions happen online or over the phone. Some other examples of CNP transactions include:
- Invoicing: Invoicing allows customers to pay electronically without interacting with a POS in person. Customers can pay invoices from their phones and desktops with their debit or credit cards.
- Recurring payments: Recurring payments allows for merchant to charge a customer’s credit card for goods and services on a prearranged, recurring schedule. Recurring billing requires obtaining a one-time consent from the cardholder to charge the credit card on file on an ongoing basis until the cardholder withdraws permission.
Prevention is better than cure
The shift towards digital spaces comes with benefits but also high risks of fraud. As a result, companies need to get ahead of schemes by implementing stronger authentication. A consumer’s credit card information can be stolen through a variety of schemes:
- Hacking: Hacking is a direct attack on computer systems that contain financial information, such as retailers, restaurants, hotels, banks, and service providers. Often times cybercriminals sell the stolen data to other bad actors who then use the information to commit other types of financial crimes.
- Skimming: Skimming is the process of stealing information directly from the card itself. Criminals can place the skimming devices directly on card readers in public places, thus stealing card information without the authorized user’s knowledge.
- Phishing: Phishing is an attempt to obtain user credentials from a consumer posing as a legitimate company. Scammers will send out emails warning the customer that their account may have been tampered with, providing a link to the institution. Unfortunately, the link will direct the customer to a fake website where the customers’ credentials will then be stolen. Phishing is the most common scheme used by cybercriminals. Lookout, Inc. research indicates that in 2021, phishing occurrences surged 161% from the previous year. Additionally, 96% of phishing attacks emerge from email.
These schemes can be alarming and costly for both businesses and consumers. When it comes to combatting credit card fraud, prevention is better than cure. Businesses need to be able to ensure safe and secure transaction authorizations to avoid painful chargeback costs. Biometric adoption has accelerated within the past several years and today, biometrics are the gold standard for secure authentication and identity proofing. Streamlining facial recognition or voice authentication into the payment process will ensure secure authentication for card-not-present transactions. If the credit card information is being used by an unauthorized individual, biometric technology will be able to stop the payment from being authorized.
Stop scammers in their tracks with biometrics
Consumers and businesses are dealing with the heavy financial burden that comes with credit-card fraud. In order to stop scammers, businesses have to turn to stronger authentication methods to protect themselves and their customers. Stronger authentication today will mean a better user experience tomorrow.
For businesses looking to implement the strongest authentication method, the recently acquired FortressID platform is a robust option. Fortress Identity provides a unified, cost-effective platform that enables you to verify IDs from 195 countries and continuously KYC (know your customer) from beginning to end. The platform combines onboarding validation, compliance, and due diligence, with biometric multifactor authentication that eliminates passwords and enhances the entire user experience.
To learn more about FortressID, please contact us below: