{"url":"https://www.clear.sale/blog/card-not-present-fraud-is-skyrocketing","title":"Card-Not-Present Fraud Is Skyrocketing","type":"blog","tldr":"Online retailers detect card-not-present (CNP) fraud by layering multiple signals: device fingerprinting, Address Verification Service (AVS), velocity checks, and machine-learning scoring on every order. No single filter is enough. U.S. merchants were projected to lose $6.4 billion to CNP fraud in 2018 alone, and CNP fraud increased 33% in just one year (2015 to 2016) as EMV chip cards pushed fraudsters from physical stores to online channels. A managed, multilayered approach, combining automated rules with human analyst review, is the most effective way to catch fraud without blocking good orders.","key_facts":["CNP fraud increased 33% from 2015 to 2016 as EMV chip cards pushed fraudsters online","U.S. merchants were projected to lose $6.4 billion to CNP fraud in 2018 (Juniper Research)","1,093 data breaches occurred in 2016, a 40% increase from 2015, flooding the black market with card data","Globally, cumulative CNP fraud losses were projected to exceed $70 billion over the five years following 2018","3D Secure 2.0 shifts chargeback liability to the card issuer when the issuer authenticates the transaction","A managed fraud solution combines automated scoring with human analyst review to reduce both fraud and false declines"],"sections":[],"faq":[{"q":"How do online retailers detect card-not-present fraud?","a":"Retailers detect CNP fraud by combining multiple signals on each transaction: Address Verification Service (AVS) to match the billing address on file, device fingerprinting to flag unfamiliar or spoofed devices, velocity checks to catch rapid repeat orders, and machine-learning models that score risk based on hundreds of behavioral and historical signals. A single filter is rarely enough, a managed, multilayered approach is the industry standard."},{"q":"What is card-not-present fraud?","a":"Card-not-present (CNP) fraud occurs when a stolen card number is used for a transaction where the physical card is not presented, most commonly online purchases, phone orders, or buy-online-pickup-in-store orders. Because the merchant cannot verify the physical card, identity validation falls entirely on digital signals, which makes CNP the primary fraud channel for e-commerce."},{"q":"Why has CNP fraud increased so sharply?","a":"CNP fraud rose 33% from 2015 to 2016, driven by two forces: EMV chip cards made in-person card fraud significantly harder, so fraudsters migrated to online channels; and data breaches surged (1,093 breaches in 2016, a 40% increase from 2015 per the Identity Theft Resource Center), flooding the black market with usable card data."},{"q":"How much do U.S. merchants lose to CNP fraud each year?","a":"U.S. merchants were projected to lose $6.4 billion in 2018 due to CNP fraud, according to Juniper Research. Globally, cumulative losses were projected to exceed $70 billion over the following five years. Merchants absorb most of those losses directly through chargebacks because fraud liability in CNP transactions typically falls on the merchant, not the card issuer."},{"q":"Does Address Verification Service (AVS) stop CNP fraud on its own?","a":"No. AVS checks whether the billing address the shopper provides matches the address on file with the card issuer, which catches some stolen-card attempts. But fraudsters who obtain full card data from breaches often have the billing address too, so AVS alone produces both false positives (blocking good customers) and false negatives (passing fraud). It works best as one layer in a broader detection stack."},{"q":"What is click-and-collect fraud and how is it detected?","a":"Click-and-collect fraud happens when a fraudster uses a stolen card to buy online and picks up the order in person, where many stores do not require ID or card re-verification at pickup. Retailers detect it by flagging orders where the shipping address is a store location combined with a high-risk billing address, a new account, or an unusual device, then requiring staff to verify ID at pickup."},{"q":"What is a managed fraud solution and why do merchants need one?","a":"A managed fraud solution combines automated scoring rules with human analyst review to evaluate orders a machine alone would incorrectly block or approve. Simple rule-based filters catch only known patterns and generate high false-decline rates, which cost merchants good revenue. A managed approach applies machine learning and human expertise together, reducing both fraud losses and unnecessary declines."},{"q":"How does 3D Secure 2.0 affect CNP fraud liability for merchants?","a":"3D Secure 2.0 (3DS2) shifts chargeback liability from the merchant to the card issuer when the issuer authenticates the transaction. When a transaction passes 3DS2 authentication, the merchant is not liable for that chargeback. However, 3DS2 is not universally implemented, and fraudsters increasingly target channels and merchants where it is absent, so it reduces but does not eliminate merchant exposure."}]}