Share the article
Subscribe for updates
Sardine needs the contact information you provide to us to contact you about our products and services.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

How Card Not Present (CNP) Fraud is changing

Card Not Present (CNP) Fraud is a type of financial crime that occurs when stolen or unauthorized card information is used to conduct transactions without the physical card being present. This fraud is most commonly associated with online shopping, phone orders, and mail orders, where the merchant cannot verify the card or the cardholder's identity in person.

As physical card security improved, fraudsters shifted their focus to online transactions where cards aren't physically present. Card Not Present (CNP) Fraud skyrocketed, becoming the new battleground in the war against financial crime.

As the world has become increasingly digital, CNP Fraud has grown exponentially, partly due to the enhanced security measures implemented for card-present transactions, such as the adoption of EMV chip technology.

But the fraud is evolving.

Now we see fraudsters target particular high-risk transaction types like:

  • Small businesses that often lack sophisticated fraud controls are susceptible to CNP fraud and see a high volume of attacks
  • E-commerce, where conversion and experience are often preferred over high decline rates at checkout
  • Cross-border transactions lack consistent security measures and create delays in the currency conversion process that are exploited by fraudsters

They’re also helped dramatically by AI and working together in criminal networks

Automation and collaboration
  • Automation: Fraudsters use automated tools and bots to quickly create and manage many synthetic identities, and cards increase their chances of success while reducing manual effort.
  • Collaboration: Organized crime groups increasingly collaborate to share resources, expertise, and stolen data, making it easier for criminals to carry out large-scale, sophisticated synthetic identity fraud operations.

The Conversion imperative

To combat CNP Fraud, card issuers, and merchants are adopting various security measures like two-factor authentication, CVV verification, and advanced fraud detection algorithms that monitor transaction patterns and flag anomalies in real-time.

But this can harm conversion.

The historical way to catch fraud meant stopping many good transactions to catch the bad ones (false positives). If you have to stop 10 good transactions for 1 fraudulent transaction, you’d have a false positive ratio of 10:1. Reducing this number is critical.

Reduce fraud and increase conversion with a risk-based approach

A “risk-based” approach applies friction when risk is high and removes it when risk is low. Removing friction for good users increases revenue, and reducing fraud removes direct and indirect costs.

The ultimate win-win.

Some examples of traditional and risk-based are below. It is important to note these are not exhaustive and will vary in importance based on a card issuer's customer risk profile (for example, domestic vs. international customer bases). It is critical to note these techniques are best used together rather than in isolation.

  1. Create the right friction at the right time with Step-Up verification: Sardine can invoke step-up verification throughout the customer lifecycle based on signals from the device, behavior, proprietary ML, and 30+ data providers. Sardine builds this into a consistent pattern we call the “same user score,” allowing the platform to detect more account takeovers with fewer false positives. One client reduced their false positives by nearly 3x in the first month of using Sardine to detect account takeover and reduced account takeover fraud by 38%.
  2. Pre-built rules for new threat detection: At Sardine, we've combined the world's most experienced data science, ML, fraud, and compliance nerds into a single company. Consistently, we find we can improve performance on fraud detection and AML and reduce costs simultaneously.  It's an extreme example, but one client reduced their manual and human cost base by 10x by shifting to Sardine. That means more runway, more capital to invest in their core competencies, and better fraud protection.
  3. Adapt faster than the fraudsters: A core value at Sardine is speed. Not just moving faster than fraudsters but in feature velocity, rule creation, and going the extra distance to deliver the best performance in the market. With premium support, Sardine offers a dedicated team of strategic account managers & risk analysts who work with your compliance team to create new rules and monitor activity as needed.

To learn more about how Sardine catches more card not present fraud contact us.

Share the article
About the author
Simon Taylor
Head of Strategy and Content