To optimize average sales, businesses should implement payment solutions that accept various methods and protect customer credit card information during check-out.
Online payment processing securely performs credit card transactions through data encryption and verification to ensure that customer purchases are protected. Companies with established online payment services can offer card-not-present (CNP) and card-present transactions.
However, businesses should understand the risks involved with completing CNP transactions and implement preventative measures for card data security.
To fulfill an order, the merchant or payment processor must have a customer's card and billing information. However, this information can be provided whether or not the card is in-hand, through card-not-present and card-present transactions.
CNP transactions are purchases made with the information of a credit or debit card without the physical card being present. This occurs when the consumer and merchant are not handling the transaction in person, typically during online shopping. However, CNP transactions can also be processed over the phone or by mail.
To verify identity and payment information, CNP transactions require the cardholder's name and address, as well as the card number, security code, and expiration date. When ordering from an e-commerce site, this information is passed through a payment gateway that encrypts the data and transmits it to the processor.
This service verifies that the issuing bank, or consumer's payment account, has adequate funds to make the purchase. If the bank approves the request, an order confirmation is sent to the customer, and the funds are transferred to the business's merchant account. CNP transactions are used frequently and account for $517 billion made from online shopping just in 2018.
Similar to paying in cash or by check, card-present transactions require the merchant and buyer to be physically present. The credit or debit card is processed using a terminal that collects the information by swiping or inserting the chip.
If paying by a debit card, the reader then requests the customer to enter their pin code as an extra precaution. On other occasions, the card number can be typed manually into the store's payment processor. Regardless, any purchase fulfilled in-person using a credit card is considered a card-present transaction.
Once the card reader takes the payment information, the process is similar to the CNP transaction. The card network or issuing bank approves or declines a purchase based on available credit. If the request is accepted, the terminal recognizes it immediately and prints the receipt. However, if the payment is declined, the cashier is alerted, and the sale cannot be finalized.
CNP transactions have a higher level of risk because it does not require the card to be physically present to fulfill an order. When the card is in-hand, the store employee can verify the purchase by comparing the customer's billing information to their driver's license. The cardholder's name and signature should match what is displayed on their license. When using a debit card, the customer is also prompted to plug in their security pin code.
However, CNP transactions do not have any of these security measures or verification opportunities to validate the purchase on-site. While accepting CNP payments broadens a business's customer scope, it also makes their transactions susceptible to fraud. The two main types of card-not-present fraud that merchants often face include-
Credit Card Fraud
As a form of identity fraud, credit card theft can occur from stolen cards or leaked payment information. When a criminal makes a purchase using someone else's card information, the victim doesn't learn about it until after the transaction. Not only does fraud affect the cardholder's finances, but it often results in chargebacks filed against the business.
Also known as friendly fraud, chargeback fraud occurs when a consumer orders and receives a product from a business but then reports the fund withdrawal to their bank. Once the chargeback is verified, the customer is refunded and usually is not required to return the item. This is a tactic to receive an item for free, costing the merchant capital, stock, and time. While the company can dispute the file against them, only a few find success, wasting the business's time and resources.
Despite its fraud risks, businesses should accept CNP transactions to open their online store. E-commerce sites process purchases solely using this method and are expected to rake in $4.9 trillion by 2021. Therefore, denying CNP transactions is almost like refusing revenue. While merchants can implement a procedure that allows customers to reserve items online and pay in-store, it increases cart abandonment and disrupts the check-out process.
Instead, businesses should focus on implementing risk management protocol that allows them to accept all payment types while reducing their exposure to fraud. Merchants must ensure that their online payment service is PCI compliant, meaning it meets the industry's security standards to process a purchase securely. While most processes and software have PCI compliance, merchant accounts can vary. Management should read their contracts thoroughly and ask their providers questions on their safety measures.
Other safety measures retailers can utilize include-
- Address Verification System (AVS) - The software automatically compares the customer's address and the billing information of the card presented. This may occur as a prompt to input the buyer's zip code or verification without the customer database.
- CVV Checks - A CVV check requires the consumer to input the three-digit code on the back of their credit card before finalizing the purchase.
- 3-D Secure - Used for online purchases, this system demands the customer to input a one-time code that was sent to their cell phone or email address.
CNP transactions may present risks but is a significant element in modern shopping. As e-commerce retailers continue to grow, businesses should consider developing an online store to maintain customer retention. Investing in additional safety measures can prevent the risk of fraud and secure customer and business data.