Skip to main content

Your Essential Guide to Card-Not-Present (CNP) Transactions and Fees

30 October 2024

Please provide your full name
Please provide a valid email address
Please provide a valid contact number
Invalid Input

Written by Libby James
Libby James is co-founder, director and an expert in all things merchant services. Libby is the go-to specialist for business with more complex requirements or businesses that are struggling to find a provider that will accept them. Libby is regularly cited in trade, national and international media.
In this article

    Please provide your full name
    Please provide a valid email address
    Please provide a valid contact number
    Invalid Input

    Share this article with others:

    Understanding transaction types

    When it comes to card payments, there are two main types to understand: card-present (CP) and card-not-present (CNP) transactions. Each has its own fee structure and risk profile, but CNP transactions generally incur higher fees due to their increased potential for fraud. To help you understand why these costs differ, let’s explore what a CNP transaction is, why the fees are higher, and some essential FAQs to help you manage these transactions more effectively.

    What is a Card-Not-Present (CNP) Transaction?

    CNP transaction is any payment where a cardholder completes a purchase without presenting their physical card to the merchant. This type of transaction enables businesses to accept payments online, over the phone, or by mail, allowing them to expand their customer base beyond in-person sales. However, because the card isn’t physically present, these transactions are considered higher risk, resulting in increased fees and a need for robust security measures.

    How Does a CNP Transaction Work?

    Let’s break down a typical CNP transaction from start to finish. First, the customer initiates the payment by providing their card details remotely, either through an online payment form, a phone call, or a mailed order form. The payment information is then routed through a payment gateway, which securely transmits the details to the merchant’s acquiring bank. From here, the acquiring bank sends the payment data to the credit card network, such as Visa or Mastercard, for verification. Finally, the card issuer (usually the customer’s bank) checks and authenticates the card information, assessing the transaction for potential fraud or other risks. If approved, the payment goes through and funds are transferred.

    There are various ways merchants can accept CNP payments: online shopping through a website checkout form, embedded buy buttons on websites, email payment links, recurring payments for subscriptions, electronic invoicing, phone orders where details are manually entered, mobile apps without a card reader, and card-on-file payments for future or recurring purchases. Note: If a customer has their card physically present but the transaction doesn’t capture electronic data from the card’s magnetic strip or chip, it’s still considered a CNP transaction.

    Card-Present vs. Card-Not-Present Transactions

    The key distinction between CP and CNP transactions is the card’s physical presence and data capture. CP transactions occur when a customer physically presents their card, enabling the merchant to swipe, tap, or insert it. These transactions are considered lower risk due to the increased security provided by electronic data capture (EDC), especially with technologies like EMV chips or NFC contactless payments.

    Examples of Card-Present Transactions:

    • Contactless payments (NFC): Tap to pay with a mobile wallet such as Apple Pay
    • Chip and PIN: Insert the card and input a PIN
    • Swipe and sign: Swipe the card and provide a signature
    • Chip and signature: Insert the card, authenticate with a signature

    CP transactions are lower risk because they involve the physical card, allowing the merchant to verify its authenticity and reducing the likelihood of fraud.

    Why CNP Transactions Incur Higher Fees

    While both CP and CNP transactions involve processing fees, CNP transactions carry higher fees to account for greater fraud risk and chargeback potential. Here are the main reasons:

    1. Fraud Risk: CNP transactions are more vulnerable to fraud because the merchant can’t physically verify the card. Criminals can easily steal card data without having the physical card, and online platforms provide additional opportunities for fraudulent activities.
    2. Chargeback Liability: Due to higher fraud potential, merchants processing CNP transactions face a higher likelihood of chargebacks, which are disputes initiated by the cardholder. Chargebacks often result in refunds, and handling these disputes involves additional fees and the risk of lost revenue.
    3. Processing Costs: CNP transactions generally involve higher interchange fees—the fees that acquiring banks pay to the card issuer for each transaction. The lack of physical card verification adds fraud risks, leading to a higher cost of processing. Payment processors may also include mark-up fees to compensate for these risks.

    Different Pricing Models and CNP Fees

    Processing costs depend on the pricing model agreed upon with the payment processor. Here are two common structures:

    • Interchange Plus Pricing: The merchant pays the actual interchange cost plus a fixed mark-up fee. While the processor’s fee remains the same, CNP transactions often fall into a higher interchange rate category due to increased fraud risks.
    • Tiered Pricing: With tiered pricing, transactions are categorised by risk, and CNP transactions typically fall into a higher-cost tier. This approach allows payment processors to set higher fees specifically for CNP transactions.

    CNP Fraud Trends and Statistics

    In the UK alone, CNP fraud amounted to £412.5 million in 2021, accounting for nearly 79% of all card fraud losses. This increase is largely attributed to the rise in online shopping and data security breaches during the COVID-19 pandemic. Many fraud cases involve stolen payment card details used for online or mail-order purchases. Card networks and banks were able to intercept around £966.6 million of card fraud in 2021 through heightened security measures.

    How to Mitigate Fraud and Chargebacks in CNP Transactions

    Given the increased risk, it’s important to use security tools to protect your business from fraudulent CNP transactions:

    1. Secure Payment Gateways: Use a reliable payment gateway to authenticate transactions and flag any suspicious activity.
    2. PCI DSS Compliance: Following the Payment Card Industry Data Security Standard (PCI DSS) protects card data through network security, monitoring, and policy management.
    3. Address Verification Service (AVS): AVS matches the billing address entered by the customer with the one registered with the card issuer to prevent unauthorised transactions.
    4. Card Security Code (CVV) Verification: Require customers to enter the CVV code on the back of their card to reduce the risk of fraud.
    5. Avoid Storing Card Data: Limit data storage to reduce risks in case of a data breach.
    6. Customer Billing Statements: Include business details on billing statements to help customers recognise transactions and prevent chargeback disputes.
    7. Smart Reporting Tools: Use advanced reporting tools to identify suspicious activity, such as multiple returns or unusual purchases.
    8. Employee Security Training: Educate staff on security practices to prevent breaches and mishandling of sensitive data.

    Final Thoughts

    Understanding CNP transactions, the reasons behind higher fees, and the available fraud prevention tools, can help you manage risks and processing costs more effectively. By leveraging secure technologies and maintaining compliance with industry standards, you’ll be well-equipped to handle CNP transactions safely and protect your business against potential fraud. Search for CNP providers in The Payments Directory®.

     

    FAQs

    What is a card-not-present transaction?
    A CNP transaction is a payment where the customer’s card is not physically present. Examples include online, phone, or mail-order purchases.
    Why are CNP transactions more expensive than CP transactions?
    The increased costs cover higher fraud risks and chargeback potential associated with remote transactions.
    How can I reduce fees on CNP transactions?
    Using a physical card reader where possible or selecting a suitable pricing model can help reduce fees.
    Are recurring subscription payments CNP transactions?
    Yes, recurring payments (such as subscriptions) are considered CNP transactions since they are processed without the card being present.
    What is the “liability shift” and how does it affect my business?
    In 2015, a liability shift made businesses accountable for fraud losses if they didn’t use secure EMV technology when processing chip cards. This shift encourages businesses to adopt chip readers for better security.
    Do all online purchases count as CNP transactions?
    Yes, all online payments are considered CNP because the card details are entered remotely without physical interaction with the card.
    Is there a difference between CNP transactions entered by the merchant versus the customer?
    Yes, if the merchant enters the card details, they must comply with PCI DSS requirements for handling card data. When the customer initiates a remote payment, the compliance requirements for the merchant are reduced.
    What fraud prevention tools can help me reduce risks in CNP transactions?
    Secure payment gateways, AVS, CVV verification, PCI compliance, and real-time reporting are essential tools to mitigate fraud risks in CNP transactions.

    Related Articles