Topics Types of Bank Fraud 12 Most Common Types of Bank Fraud Account Takeover (ATO) Fraud Advance Fee Fraud Check Fraud ACH Fraud Real-time Payment Fraud First-Party Fraud Wire Fraud Zelle Fraud Types of Card Fraud Credit Card Fraud Debit Card Fraud Lost or Stolen Card Fraud Card Skimming Card Cloning Chargeback Fraud Card Not Present (CNP) Fraud Fraud Defenses Anti-Money Laundering (AML) Behavioral Biometrics Crowdsourced Abuse Reporting Device Fingerprinting Real-time monitoring Email Reputation Service IP Reputation Service SR 11-7 Compliance Supervised Machine Learning Suspicious Activity Reports (SARs) Tokenization Transaction Monitoring Two-Factor Authentication (2FA) Unsupervised Machine Learning Fraud Tactics Bot Attacks Call Center Scams Credential Stuffing Data Breaches Deepfakes Device Emulators GPS Spoofing Money Mule Scams P2P VPN Networks Phishing Attacks SIM Swap Fraud URL Shortener Spam Web Scraping Fraud Tech Anomaly Detection Device Intelligence Feature Engineering Generative AI Identity (ID) Graphing Network Analysis Natural Language Processing Fraud Types Application Fraud Transaction Fraud Payment Fraud Pump and Dump Scams Bust-Out Fraud Buyer-Seller Collusion Content Abuse Cryptocurrency Investment Scams Money Laundering Loan Stacking Romance Scams Rug Pull Scams SIM Swapping Synthetic Identity Theft Cryptocurrency Scams Pig Butchering Scams Card Not Present (CNP) Fraud: Detection & Prevention Of all the types of card fraud, one stands out as the most popular—card-not-present (CNP) fraud. In 2022, over 70% of all credit card fraud was CNP fraud. Studies predict this will only increase in years to come. Here’s how CNP fraud happens, plus how to detect and prevent it. What is card-not-present fraud? Card-not-present (CNP) fraud is any fraudulent card transaction made without the physical card. These frauds typically happen online or over the phone, but work anywhere a physical card isn’t required for a sale. How does card-not-present fraud happen? Card-not-present fraud scams work anywhere fraudsters can pay without the use of a physical card. There are several common schemes they follow to access card information. Stolen Card Details Many times, CNP fraud comes from stolen card information. Fraudsters can buy stolen card information online through black market dealers who leak breached data. They also capture it through scams like phishing, voice phishing (vishing), and SMS phishing (smishing). Account Takeover Fraudsters can stealing users’ login credentials to get access to card accounts. Techniques like phishing or keylogging work great for this. Once they have control of the account, they make purchases using stored payment card. Weak mobile provider verification processes can open a victim’s phone a hijacking known as sim swapping. Once fraudsters get control, they can bypass two-factor authentication and access saved cards. Card Skimming Card skimming captures physical card details using skimmers on point-of-sale terminals or ATMs. Fraudsters can then use this stolen card information for for online purchases. Synthetic Identity Theft Fraudsters create fake identities using a mix of real and fake information. Then they apply for credit cards with these synthetic IDs to make fraudulent transactions online. Friendly Fraud Also known as chargeback fraud, this is when legitimate cardholders dispute a valid transaction. They claim that they didn’t receive what they paid for and request a chargeback from the card issuer. The card iself doesn’t need to have been used, only the details. Card Testing Fraudsters use bots to test stolen card details by making small transactions with online merchants. They can identify which cards are still active, then use those for larger fraudulent purchases. Man-in-the-Middle (MITM) Attacks In a MITM attack, hackers intercept the communication between a customer and a legitimate online merchant. Once they access the transaction data, they can alter the payment details or steal the customer’s login credentials. Malware and Remote Access Trojans (RATs) Malware victims accidentally installed on devices can capture credit card details. Fraudsters even set these malicious programs to sen card information directly to them without the victim being aware. Can card not present fraud be prevented? With the right systems in place, yes it’s possible to prevent CNP fraud. But, it requires the right prevention measures and detection solutions. Strong authentication measures like multi-factor authentication are must-haves. This includes biometrics, one-time passwords, authentication apps, or hardware tokens. These prevent the account takeover route fraudsters will try to take. Tokenization and encryption technologies help protect sensitive cardholder data during transmission and storage. Tokenization replaces actual card data with unique tokens that are useless if intercepted. Encryption ensures sensitive data is scrambled and can only be decrypted by authorized parties. Customer education about best practices can also play a key role in stopping social engineering scams. The most powerful tool for card providers is fraud detection and monitoring. These systems analyze transaction patterns, customer behavior, and other risk indicators. The best systems leverage AI and machine learning to spot fraud in real time. How AI detects card not present fraud AI is vital today in detecting card-not-present (CNP) fraud. Advanced algorithms and machine learning techniques can spot fraud much faster than humans. It can also adapt to new fraud types and set up prevention in real time. Though systems vary, many follow similar prevention strategies. First, they analyze vast amounts data on transactions, customer behavior, and known fraud patterns. Then they use this data to establish baselines and identify anomalies or suspicious activities. AI models can detect complex patterns and correlations that indicate fraudulent behavior. They also excel at identifying outliers and anomalies in data. That’s because they map user behavior patterns, like the way a customer navigates a website or interacts with an app. If the behavior deviates from the customer’s usual patterns, it triggers a fraud alert. But these case management systems can only go so far. That’s where real-time decision making comes in. Real-time ready AI-powered fraud detection systems, like DataVisor’s, assess transactions as they happen and provide instant risk assessments. Using unsupervised machine learning, the platform itself addresses the fraud and stops transactions. Even better, it’s so well trained it can do this with an incredibly low false positive rate. To learn more about how DataVisor’s platform can solve CNP fraud threats for your instituion, set up a personalized demo with our team.