What Does the EMV Migration Mean for Card-Not-Present Merchants?

For all the good it does and protection it provides, the EMV migration does pose minor concerns to MOTO (mail order/telephone order) and e-commerce merchants. Statistics illustrate that in other countries that adopted EMV technology, there’s a significant decrease in fraudulent activity and counterfeiting for card-present purchases. But what about card-not-present (CNP) transactions? How does the EMV migration affect card-not-present merchants in the U.S.? We’ll answer that question and more you may have about the EMV Liability Shift.

How Does the EMV Migration Affect CNP Merchants?

Card-not-present transactions aren’t something to take lightly. E-commerce transactions, along with Internet transactions, are said to be the fastest growing payments segment. But as these segments grow, so will CNP fraud. In fact, despite the anticipated decrease in card-present fraud, experts predict a 20% increase in CNP fraud once the EMV migration takes off. The universal question here is, “Why?”

EMV cards provide card-present transactions with a one-time-password (OTP) generated by the chip within the card. This OTP is then sent into cyberspace and the transaction is confirmed and approved. Nothing else needs to be done in this situation because there is twofold confirmation (the physical card and the PIN they provide) that the cardholder is who they say they are. (More information on smart cards is available on our post.)

This feature isn’t available with CNP purchases because the smart card will not be in the merchant’s presence, and proves itself easier to exploit than retail fraud. The requirements call for MOTO and eCommerce merchants to implement a system of authentication that works for their particular business.

CNP Authentication Factors

The most economically beneficial solution to reducing CNP fraud would be to increase the scrutiny of card-not-present transactions. This could be done in myriad ways, but the easiest and most cost effective method would be an identity authentication process combined with a secure, trustworthy payment channel. Typically, the customer is asked for one or more of three authentication factors during a CNP transaction.

  1. An ownership factor. This is something the person owns and has, such as their credit card or their IP address.

  1. A knowledge factor. This is something the person knows, such as their PIN, their billing address or their security questions.

  1. An inherence factor. This is something the person is or does, such as a fingerprint or a signature.

Ideally, authentication is gained and approved when two or all three factors are provided correctly.

CNP Authentication Methods

“Important factors for success will be not only effectiveness in reducing CNP fraud, but also ease of merchant implementation and customer ease of use,” according to EMVCo, developed by the Smart Card Alliance. Some methods and tools for implementing verification are to:

  • Continue PCI compliance and follow the specific rules for data security and management

  • Verify card security codes

  • Use an address verification service (AVS)

  • Analyze priority shipping requests (especially if free shipping is offered)

  • Validate unusual orders from repeat and regular customers

  • Confirm the phone number and transaction information before shipping products

  • Take advantage of fraud prevention services available from credit card companies such as Verified by Visa or MasterCard SecureCode

There are plenty of advantages to a well-maintained authentication system. Your business will experience a significant reduction in risk, while your customers enjoy the ease of purchasing your products and a positive reinforcement of a brand that establishes trust and security with CNP payments.

The EMV migration calls for change — big change. A successful shift from magstripe cards to smart cards will reduce counterfeit, identity theft and fraud, giving both businesses and customers one less stress to worry about. Ending CNP fraud requires businesses to take action and use the authentication factors and methods to bolster protection and defense.

Fattmerchant is committed to upholding the highest industry security standards and providing up-to-date technology to all our merchants. With our affordable solutions and advanced security — in addition to Fatt savings — CNP merchants can protect their business and their customers the right way. Click here to start defending your eCommerce or MOTO business from credit card fraud with Fattmerchant.

Get Your EMV Survival Guide for Small Businesses

Previous Post
EMV Mandate: 3 Steps to Get Your Business Ready for the Shift
Next Post
5 Surprising Business Growth Strategy Hacks