One of people’s worst nightmares is paying through an unsecured platform where their security will be compromised and their card information leaked. Breaches of any form are bad news for both the merchants and their customers. With an unsecured payment channel, no one would like to do business with the merchant. No matter how enticing their products may be, their customers refuse to run the risk of their card information being leaked. This is precisely the reason why business owners are scrambling to look for that payment channel that’s safe, secure, and convenient to use. Set up a secure card not present method.
Generally, there are two categories involving card payments — card not present transactions and card present. Today, we’ll focus on the former as we learn all essential information about this payment option.
Card not present: What does it mean?
Card-not-present (CNP) refers to transactions wherein the customer or card owner doesn’t have to physically hand their card when they make in-store purchases from a merchant. These payments are usually paid via mobile, mail, telephone, or internet. The card numbers used for these transactions are integral, with the required information depending on the brand of the card. However, customers have to note the number found in front of their cards, along with the card’s expiry date and its security code. The customer will also have to indicate their billing address.
What are the different types of transactions accepted by these cards?
Internet, mobile, and mail order and telephone order (MOTO) payments are all transactions allowed with card not present since the customers’ cards are not visible and accessible by the merchant. This is the opposite of scenarios when customers pay at the store. Then again, mobile payments could also be made face-to-face without the business owner or their staff accessing the card in the customer’s digital wallet. MOTO transactions allow card details to be shared over the telephone or sent via post. Unfortunately, MOTO transactions have already been reduced significantly as eCommerce moved people to enter transactions over the net.
What are the processes involving payment type cards not present?
Transactions done via card not present are like face-to-face transactions. Instead of using a Point-of-Sale system (POS), virtual terminals are set to facilitate the transaction flow and process the card details through a payment gateway. After which, the resulting data are passed to the acquirer after the same has been verified by the card-issuing companies like Mastercard and Visa. After the card-issuing companies confirm the transaction, the card owner still needs to authenticate it. Once the transaction gets completed in all stages, a notification will be sent to the merchant to inform him that the payment was successfully made.
How much does it cost to set up a card not present?
The cost of processing card-not-present transactions is the same as the cost of processing face-to-face credit card payments. To recap, the processing fees involved in credit card payments are called interchange fees, PCI and Risk Compliance, markup by payment providers, and assessment fees. All of these fees are also applicable to payment type cards not present or CNP payments.
Take note that the CNP interchange fees are more expensive because of the likelihood of chargebacks and frauds that might happen when a card is not presented during payment. These costs are passed on to the merchants, which explains why CNP payments are more expensive.
What types of frauds are committed in CNP payments?
Fraudulent payment transactions done over the mail, telephone, or internet are all frauds under CNP. The issue here is that the fraudster could access the card holder’s credit or debit card information by stealing the physical card, phishing scams, and card skimming.
Fortunately, there are ways to protect your business from all these types of frauds. First, you can comply with the Payment Card Industry Data Security Standard (PCI DSS) protocols to avoid data breaches. This protocol was made to manage the storage, transmittal, and processing of data from cardholders. Merchants that accept card payments must ensure their compliance to PCI to lessen the likelihood of being defrauded.
The PCI level of compliance any merchant should comply with will depend on the volume of card transactions. If you have a high transaction volume, expect to comply with Level 1, the strictest of all levels. The good news is that many payment service providers belong to the level 1 category; hence, you can be complacent about their payment security protocols.
Aside from complying with the PCI protocols, you can also avoid fraud by preventing chargebacks. Chargebacks happen when customers dispute the charges made to their accounts. They usually contact the bank that issued the credit or debit card and formally request to nullify the charges; hence, the chargeback.
The problem here is when you opt to go through the chargeback process and fail to provide sufficient and indisputable proof that your customer received the charged services or goods, you will indeed have to reimburse and pay the chargeback fees. The latter will be based on the acquirer and card scheme.
There are various reasons for a chargeback to be launched. It could be that the customer believed that the recurring transactions were canceled. It could also be because of confusion on the billing statement or pure fraud. Chargebacks are stressful and troublesome for the merchants. This is why they should actively work in preventing these scenarios to save money and time. It’s also advantageous to provide clear information about your cancellation and return policies while also exerting due diligence in document proofs of sale.
The convenience brought by card-not-present payments doesn’t come without any risk. As you can see, there are instances wherein fraud and chargebacks could happen. However, this doesn’t mean that it’s not safe to use. As a merchant, choose to exercise due diligence in your transactions by following the PCI protocols and fight illegitimate chargebacks with substantial evidence. At the end of the day, you still have the power to ensure that you’re not defrauded.