What is card-not-present fraud?
Card-not-present fraud (CNP) is a category of fraud made via online transactions, telephone, or mail.
In other words, it's a fraudulent payment in situations where a card is not presented to a merchant for a visual check.
Typically, a CNP fraud happens after a payment card or information on the card has been stolen (name, card number, and 3-digit static card security code at the back) or purchased on the Dark Web.
Card-not-present fraud trends
Card-not-present fraud has long been the dominant form of payment fraud. According to 2020 data from Nilson, CNP accounted for 70% of total fraud losses incurred by merchants and acquirers. This is driven by the continuous rise in e-commerce transactions and the growing sophistication of fraud tactics.
CNP fraud in the U.S.
An Insider Intelligence report forecasted that merchants, consumers, and issuers in the United States would lose a combined total of $10.16 billion to CNP fraud in 2024. In its “True Cost of Fraud” report, LexisNexis estimated that every $1 in CNP fraud costs $3.75 to merchants in the U.S.
CNP fraud in the U.K. and EEA
Over 2.13 million cases of CNP fraud in 2023 resulted in the loss of £360.5 million in the U.K. according to the UK Finance Annual Fraud Report. While this is certainly unsettling news, instances of CNP declined by 4% change from the previous year.
Similarly, according to the European Central Bank, CNP fraud accounted for approximately 63% of the total value of card fraud within the European Economic Area (EEA) in 2022.
The declines in CNP fraud in Europe can be attributed in large part to the mandated implementation of Strong Customer Authentication (SCA) for e-commerce – solidifying the value of SCA and similar measures.
Businesses must continue to adopt innovative security measures to stay ahead of evolving threats. One such solution is Thales' Dynamic Code Verification (DCV), which offers an additional layer of protection for online transactions, ensuring that cardholders and businesses alike can mitigate fraud risks effectively.
Preserve the consumer's shopping experience.
Thales Gemalto's Dynamic Code Verification is a complete card-not-present security solution based on the following:
- a payment display card,
- a mobile solution,
- and a validation server.
It replaces static cryptograms with dynamic codes, thus mitigating fraud linked to using static card numbers stolen online without any impact on the merchant's infrastructure.
The Thales Gemalto Dynamic Code Verification is the first complete and adaptable solution.
Banks can decide to deploy the solution on mobile, on display cards, or with both components.
The versatility offered by Thales Gemalto Dynamic Code Verification allows banks to provide a relevant and secure eCommerce solution to their customers.
TAKE THE NEXT STEP
Manage and secure digital identities at scale
How Thales Gemalto DCV mitigates online fraud
Mobile DCV
The Thales Gemalto mobile DCV solution allows your customers to store their cards and read the dynamic codes on their mobile phones.
Customers can choose to secure their application with a PIN to add a strong authentication layer to the application.
- Stores your cards in a secure mobile application
- Allows you to complete simple and secure transactions
Dynamic Code Card
The Thales Gemalto Dynamic Code Card is a classic EMV contactless payment card that displays a dynamic code that automatically changes every 20 minutes without the cardholder's intervention.
Instead of the static code currently used to secure online purchases, the dynamic code is displayed on a small ePaper screen on the back of the card.
- Up to 125K Dynamic Code Verifications in 4 years
- Updated security cryptogram every 20 minutes
Thales Gemalto Confirm Authentication Server
The Thales Gemalto Confirm Authentication Server is a multi-channel, multi-token, and vendor-agnostic authentication solution that supports all forms of authentication technologies across all channels.
It allows easy integration into banks' authorization hosts and is protected by hardware security modules.
- Easy integration
- Field-proven, comprehensive, scalable, and cost-effective
Featured Resource
Thales Dynamic Code Verification
Thales Gemalto’s Dynamic Code Verification is an issuer-centric card-not-present (CNP) security solution based on a payment display card, a mobile solution and a validation server. It allows banks to mitigate fraud while preserving the consumer’s online shopping experience.