What is a Card Not Present Transaction and How to Prevent Fraudulent Transactions
Welcome to the 1st blog post in our series on Card Not Present transactions. In this first post, David Orme, SVP Sales, and Marketing at IDEX Biometrics explain what Card Not Present is and how to prevent fraudulent transactions.
It’s far more difficult to stop credit card fraud when both the cardholder and card are not physically present during the transaction. In a face-to-face situation, a merchant can examine a card to ensure its validity. They can also confirm the person using the card is authorized to do so by visually inspecting the person’s ID. However, when a person is making a payment by phone or online – known as a “card not present transaction” – none of these security checks can be performed.
Clearly, card not present transactions may leave a merchant more vulnerable to fraud, but merchants have to be able to accept these types of transactions in today’s digitally-driven world. Not processing online or phone orders puts a business at a distinct disadvantage because consumers are increasingly making purchases without physically entering a store. If a business doesn’t accept online or phone orders, many would-be customers will simply go somewhere that will instead. The good news is that merchants will soon be able to reduce their exposure to the card not present fraud by improving their means of transaction authentication with tools such as Biometric Identification technology.
Authentication in a new world
A merchant’s authentication processes are the key to a secure and successful card, not present commerce. The wave of online data breaches from major retailers that have made the news in recent years is exposing the current weaknesses in online payment security. Simply put, the need for a more airtight card, not present authentication is increasing by the day.
Currently, there are three primary ways a customer can authenticate his or her identity: ownership factor, knowledge factor and inherence factor. Ownership factor is an item a person has, such as a credit card, while the knowledge factor is information the person knows, such as his or her password or PIN. Inherence factor is something that a person does or is, including unique facial features or a fingerprint. With Biometric Identification technology, the factor primarily used for authentication is inherence.
The addition of Biometric Identification technology, which makes for three-factor authentication in a transaction, can protect and ensure the cardholder’s identity even when the merchant does not have access to the person or his or her credit card in the physical sense. The natural advantage and strength of biometrics are that while they are easily accessible by the user, they’re not easy to counterfeit since they are unique to the cardholder. A criminal can get a cardholder’s password in many ways, but it’s not nearly as easy to get someone’s fingerprint.
Furthermore, biometric payment cards are in development that will feature an integrated dynamic display. This display can be used for a range of features, including dynamic CVV to address card-not-present fraud, whereby a new 3-digit code can be dynamically generated for purchases.
Consumers are adapting to biometrics
Previously, there were personal privacy concerns among consumers over the use of biometrics. However, it appears that the consumer sentiment toward this type of technology is now shifting, which will allow for faster adoption.
Today’s consumer is more familiar with and used to biometrics than consumers of the past because it is used as a security measure on many of today’s mobile devices. In addition, people are becoming more concerned about the exposure of their personal information by criminals and hackers in online transactions. As reported by Digital Commerce 360, retail consulting firm Accenture found that more than half of 2017’s holiday shoppers were worried about the safety of online transactions, and 64 percent were planning on only making online purchases at websites they knew or websites that appeared reputable (https://www.digitalcommerce360.com/2017/10/06/cybersecurity-concerns-may-keep-shoppers-from-trying-new-online-retailers-this-holiday-season/).
This can make it more difficult for businesses to acquire new customers. However; adopting enhanced security tools such as Biometric Identification technology can help put these wary customers’ minds at ease.
Research firm Statista reports that around 230 million people are expected to shop online in the US in 2021 alone (https://www.statista.com/statistics/183755/number-of-us-internet-shoppers-since-2009/). Today’s merchants simply can’t afford to lose out on a potentially massive consumer base over security fears, no matter how valid those fears may be. By adding biometrics to existing authentication processes, a business can process card not present transactions knowing that they have done everything they can to prevent fraud, protect their customers’ information, and preserve their company’s reputation.