Fraud Management
Card Not Present – CNP – fraud most commonly involves the theft of genuine card details which are then used to make a purchase or financial transaction over the internet, by phone or by mail order.
A key difficulty in countering fraud in these CNP channels is that neither the card nor the cardholder is present when transactions take place, and the genuine cardholder may not be aware of this fraud until they check their statement.
Card present transactions are usually secure because of the authentication process put in place by EMV Chip & PIN. This is a 3 part process:
- There must be proof that the card was used
- The user must demonstrate their right to use the card – by using their PIN number, for example
- The location of the transaction needs to be determinable
Trying to replicate this in a card-not-present transaction has been difficult:
- Retailers cannot check the card’s physical security features to determine whether it is genuine or not
- Without a signature or a PIN there is less certainty that the customer is the genuine cardholder
- The location is usually impossible to verify
An internet transaction can satisfy the first element, but consumers are not able to take full advantage of a PIN online. The location is even more difficult to verify, particularly with the growing use of mobile devices to make financial transactions.
The HomePay system takes the security authentication of Chip & PIN and transfers them to card-not-present transactions. By allowing consumers to use their credit or debit card and PIN in a secure terminal, as they do in a retail environment, HomePay takes away the fraudsters’ ability to make remote payments with limited card information. It offers merchants and banks a new, robust tool with which to tackle card-not-present fraud. From a fraud management perspective, HomePay is an obvious step towards making all payments card present transactions and reducing the levels of card-not-present fraud.
