Often when people think of Card Not Present transactions the focus is on the debit or credit card being in a different physical location from the merchant. This is not the full story, in a card transaction all three entities need to be considered; the cardholder, the card and the merchant.
A Card Not Present transaction occurs whenever all three aren’t in the same physical location. Here are the 5 most common instances where this happens:
1) Online Transactions
In this scenario the cardholder and the card are usually in the same location and the merchant elsewhere.
As there is no face to face interaction with the cardholder the merchant needs to take steps to check that they are dealing with a genuine customer. Many merchants look to offset any risk associated with this type of transaction by carrying out AVS and CVV checks, carrying out identity checking or deploying 3D Secure.
2) Telephone Purchases
As with online transactions the cardholder and card are in one location and the merchant another, the concerns and ways of addressing them are similar as for online transactions, however 3D Secure cannot be used. Being able to see the telephone number a customer is using may provide additional information to bolster security measures.
3) Mail Order
This is similar to the telephone example, although 3D Secure and confirming a telephone number can’t help, customers can supply a signature with their order which could provide an additional layer of security. If a CVV/CVC check is being made, the merchant must contact the purchaser as it should not be recorded on the order form.
4) Card on File Payments
This usually occurs where a customer has provided a continuous authorisation on a debit or credit card, frequently for goods that are paid for on a subscription basis but where the value of the goods may vary, making a Direct Debit payment impractical. The ‘single click’ ordering and payment options offered by online retailers are also based on having a card on file. It differs from the above transactions as in many cases the merchant is processing a transaction with no interaction with the customer at point of purchase. While the issues and solutions for this type of transaction remain the same as for the above examples, an additional concern is when the validity of the card expires, at which point the merchant will need to seek new card details or an alternative payment method from their customer.
5) Cloud Wallet Payments
This is a relatively new and increasingly popular option for making everyday purchases using mobile phone apps. Where this differs, interestingly from the above is that the customer and the merchant may very well be in the same physical location but the card is not. Instead the mobile phone application is acting as a proxy for the card and the transaction takes place between the cloud server and acquirer. As this develops providers of cloud-based payment services, such as mobile phone manufacturers, app developers, network operators, merchant acquirers and card issuers will need to work together to maintain security
Of these types of transaction we can predict an increase in payment volumes for online transactions and cloud wallet payments. In both of these cases an understanding of the devices used to transact with can help to improve security. For more information on the role of device intelligence in payments security please click here.