Card-Not-Present Fraud

So convenient to buy just about anything online or by phone using a credit card. Bicycle for two with rear ejector seat? Easy. Dentures with built-in grill? Done. Yellow cake (Uranium, not the birthday kind) from Chad? One word: PayPal.

However, it’s a real challenge for online vendors to avoid card-not-present fraud, as they aren’t able to check for fake or stolen cards using microchips, or ask for identification. They have just a few options to detect if the card is not valid, such as asking for an address and comparing it to the billable address the credit card company has on file. They can also ask for the three-digit CVV code on the back of the card...but of course that can be stolen too.

A thief can get most of the information he or she needs by purchasing stolen credit card numbers that are actually advertised on the internet. They can also get them through phishing, where they send an email to an unsuspecting person (especially the elderly) asking that their credit card information be verified. Or perhaps a disgruntled employee uses the company credit card to go on a personal shopping spree. Then there are those who place an order online and then claim they never received it, getting a credit back from the vendor. Unfortunately, when the thief is successful in a card-not-present fraud, it’s the merchant who has to eat the loss.

Now that card-present fraud is decreasing with microchip technology, there has been an increase in card-not-present fraud. But there is hope for the future to prevent hackers from breaking into a company’s network and stealing their customer data through unsecure online payment systems. More and more online vendors and mobile phone payment apps are using tokenization, a fraud detection software in which the retailer does not have to store data such as credit card numbers on their network.