What is CNP fraud and how can it be prevented?

Last updated: 08 January 2016

Purchasing goods and services on digital platforms should be quick, simple and secure. Unfortunately, however, the boom in eCommerce has attracted the attention of cybercriminals. A particularly concerning trend is CNP fraud, which makes up an astonishing 70% of total card fraud on EMV markets. In the US alone, CNP fraud is expected to be responsible for eye-watering losses of $6.4 billion.

CNP Fraud

It’s crucial that businesses identify the threat, understand why it’s so difficult to combat, and take swift and effective action. The problem is challenging, but not insurmountable.

CNP (Card Not Present) refers to transactions reliant on inputting card information without a physical item present. The nature of the payment means it can be difficult for retailers to verify whether card information has been provided by the actual cardholder or an imposter. Recognizing the issue, fraudsters have increasingly targeted CNP exchanges, mining card information and siphoning off funds to such an extent it now represents 25% of global fraud!

Cyber-thieves capture card details using a variety of methods. One technique is known as ‘skimming’, which involves the quick capturing of card information whilst the cardholder is unaware, perhaps in a busy bar or restaurant. Another way of acquiring card information is ‘phishing’, which involves fraudsters adopting the disguise of a bank or government department and contacting customers via phone or email, asking for their details.

When fraudsters manage to get their hands on customer card information, cybercrime is very difficult to prevent. Security solutions, therefore, should focus on making these details more difficult to access, all the while preserving the seamless experience of shopping online.

With this all in mind, our DCV solution – dynamic code verification – ensures smooth and safe transactions by using a continuously evolving security code on the back of the card or smartphone. Every 20 minutes, the three-digit code changes. When making a purchase, the user just needs to enter the security code visible on their card or smartphone at that particular moment. Information which changes rapidly makes CNP fraud far more difficult, since fraudsters won’t be able to collect a static cryptogram and use it to access funds.

What’s your view on the challenges posed by CNP fraud? Let us know by tweeting @Gemalto. And for more information on CNP fraud, click on our infographic below.

CNP infographic