Trustpilot

Card Not Present Transactions

For those unfamiliar with the term ‘card not present transactions’, and you’re curious to learn more - you’re in luck.

Below you’ll find the answers to some of the most frequently asked questions about the topic - including insight into how you can cater for card not present transactions in your own business.

What does "card not present" mean?
 

Starting with the basics - the definition of “card not present” relates to two things.

The payment card (as the term suggests!)
The cardholder

An absence of these two things in the context of a financial transaction might seem strange - but it's more common than you think...

What is a CNP transaction?

A card not present (CNP) transaction is exactly that.

A payment that’s completed without the need for the cardholder to physically present their card at the point-of-sale. It’s really that simple.

From ecommerce and online invoices to mail order and phone payments - there are a variety of different examples of common card not present transactions; where merchants don’t need the card or cardholder to process payment ‘in person’, as it were…

Person on laptop

Card-Present vs Card-Not-Present

 

  Card Present Card-Not-Present
Card machine payments
Digital wallet payments
Phone payments
Online payments (ecommerce)
Mail order
Recurring bills (e.g. monthly subscriptions)

How to accept 'customer not present' card payments

 

If you’re the sort of business that could benefit from accepting these types of payments, there are a few different options to explore.

The first is using a virtual terminal.

A virtual terminal enables the merchant to process the absent cardholder’s payment on their behalf while using an internet connected device (such as a tablet or laptop, for instance).

This is obviously a form an online payment - but many phone payments are processed via a virtual terminal.

On the subject of online payments though, nowadays - the internet is arguably the most common market for card not present transactions.

Many ecommerce websites in particular, use secure payment gateways to process payments. A payment gateway is essentially an online form where the customer can enter their card details to complete their purchase.

Alternatively, there’s the more traditional method when it comes to customer not present transactions. Customers who’d rather not disclose their payment details over the phone or internet can send a good old-fashioned invoice if they prefer.

Website code

How to protect your merchant number

 

There is one particular issue that you should protect your merchant ID from - and that’s chargebacks.

Chargebacks are probably the biggest nuisance for online merchants especially, simply because of the higher risk of fraud and disputed transactions associated with online payments.

In fact, some providers may freeze or even revoke your merchant identification number altogether if your business is receiving a high number of disputes.

However, there are plenty of things online businesses can do to prevent chargebacks and protect their merchant identification number in the process.

The three main ones include:

  1. Address Verification (AVS) - this enables you to automatically decline/review online orders where the billing and shipping address don’t match.

  2. Card Verification Value (CVV) - this is a fraud filter that checks whether the card’s actual CVV number and the one entered at the online checkout match.

  3. 3D Secure - this is the authentication window from the customer’s card issuer. Here they are required to a password before they can proceed through the online checkout.
Call security

Preventing "card not present" fraud
 

There are things that everybody can do to prevent card not present fraud. And by everybody - we’re talking businesses and consumers alike.

First of all, with customer not present card payments, there is always the threat that the payment details may have been stolen or obtained without the cardholder’s permission.

It goes without saying, but keeping your valuables safe prevents this type of crime from happening.

From the merchant’s point of view, customer not present transactions gain more credibility when businesses operate in a responsible manner.

This means that they follow the PCI compliance guidelines in place to ensure transactions of this nature remain safe and secure.

Tools for preventing fraud


PCI compliance is a business’s first line of defence against fraudulent activity. It outlines the industry-standard procedures a merchant should follow to protect their customer’s data at all times.

However, beyond the realms of PCI DSS compliance, which is usually dealt with by a company’s payment processing provider, there are a number of other safeguards in place to protect consumers against fraud.

 

Card Issuer Authentication


Sometimes, whoever you bank with will have their own security measures in place for card not present transactions.

You may have come across this when completing an online purchase, for example.

Once you’ve clicked through to buy, another window will open asking you for specific details. This is an example of card issuer authentication in action.

If the new window has the logo of your bank on it, you know it’s something to expect every time you use that particular card during a card not present transaction.

Obviously this varies depending on your card issuer.

 

AVS - Address Verification Service


AVS is the system used to verify the address of a person claiming to own a particular payment card.

This verifies the address provided for the payment against the card’s billing address. So, if the card was stolen - the perpetrator would need to know the actual billing address to complete the transaction.

It’s a simple yet effective security measure used for most online mail order transactions.

 

Card security code

Every card has one.

For Visa cards it’s usually referred to as a CVV2 code, while Mastercard cardholders will recognise it as a CVC2.

Either way, this is essentially the 3-digit security code on the back of your card.

This particular code exists specifically for card not present transactions - where you’re not required to enter your pin.

What is chargeback and what can you do to prevent it?

 

A chargeback (or cardholder dispute) is initiated by the Card Issuing bank and is a reversal of the original transaction; either at the request of the Cardholder or when the issuing bank sees the need to do so via the schemes. All payment processors are governed by scheme rules and regulations. Common reasons for chargebacks / reversals are:


Fraud – cardholder denies participating or authorising a transaction

  • Cardholder disputes the sale for reasons such as failure to receive goods or service
  • Cardholder disputes the sale for reasons of quality
  • Cardholder does not recognise a transaction

All merchants accepting debit and credit card payments run the risk of being liable for chargebacks. A cardholder or card issuer has the right to question or dispute a card transaction. A chargeback can be received up to 120 days after the card transaction was taken. In the case of goods or services being delivered, a chargeback can be raised up to 120 days from agreed date of delivery. Certain exemptions to the 120 days may apply depending on the Card Scheme and the reason for the dispute.

How much does it cost to process credit cards remotely?

 

As you may well expect - there are usually fees charged for CNP payment processing by the respective provider.

In many cases, this usually consists of three different types of credit card processing fees:

  • Interchange fees
  • Assessment fees
  • Standard charge from the provider


Obviously the charges will vary depending on the card issuer and also the payment processing provider you’re with.

Why do card not present transactions cost more?

 

Card not present transactions will typically cost more to process because there are more security risks to consider.

The likelihood of running up chargeback costs is higher with CNP payments, which is why merchants will typically pay as much as they need to pay to their providers to ensure they have the right fraud prevention tools in place.

Laptop

Start taking CNP transactions today

It’s easy to start taking card not present transactions across your business.

All you need to do is shop around in order to find the best processing deal for your business - whether that’s for online payments, phone payments or anything else.

You can even get in touch with us to discuss your options if you like?

We welcome any questions you might have about CNP transactions, and can also help you save money when switching card payment provider.

Handepay Logo White

Helping Businesses Grow

Handepay Ltd, registered address 1 The Boulevard, Shire Park, Welwyn Garden City, AL7 1EL.
Handepay Ltd is authorised and regulated by the Financial Conduct Authority (FCA) under FRN number 673564 for credit broking.
Handepay is not a lender.
Trading address, Westway Park, Galway Crescent, Haydock, St Helens, WA11 0GR
© Handepay Ltd 2006 - 2026

Financial disclaimer:

Handepay Ltd is authorised and regulated by the FCA for consumer credit under FRN 673564. Handepay is a credit broker not a lender. Handepay receives commission from the credit provider for each successful introduction it conducts.

Terminal hire contracts are provided by Merchant Rentals Limited, who is authorised and regulated by the Financial Conduct Authority for Consumer Hire under FRN 720500. Terminal hire can be for consumer hire and non-regulated hire contracts. Please check your contract carefully for details. Regulation of all consumer hire fall under the control of the FCA.

Handepay is not an acquirer. Your acquiring service provider will depend on the service package you choose to receive through Handepay. Handepay acts as an introducer of card acquiring services on behalf of the card acquiring service providers which include Lloyds Bank plc trading as Cardnet and EVO Payments UK.

Lloyds Bank are authorised by the Prudential Regulation Authority and regulated by the Financial Conduct Authority and the Prudential Regulation Authority under registration number 119278. Cardnet is a registered trademark of Lloyds Bank plc.

EVO Payments UK is the trading name of EVO Payments UK Ltd, a payment institution that is authorised and regulated by the Financial Conduct Authority (FRN number 959332).

Editorial disclaimer:

The information we provide does not constitute financial advice and might not apply to your business. Always carry out research into your business’ needs when choosing a new merchant services provider.

Sometimes, we link to other third-party websites to provide you with additional information. At the time of publication, we consider the information accurate, however, we do not have control over their content and are not responsible if any information on these websites change.

The products we display on our website are for illustrative purposes only - if your business requires additional facilities, you may receive a different model than advertised. All of the information contained on this website, including fees, services and functionality, are correct at time of publishing. E&OE.

Would you like
a callback?

FIND OUT MORE

Talk to an advisor today...

Please enter your number and we'll get back to you as soon as possible. *If you'd like to schedule a callback, please enter the best date and time.

Please note: Opening hours: Mon - Fri, 9am - 5pm

+44