
Recover 4x more chargebacks and prevent up to 90% of incoming ones, powered by AI and a global network of 20,000 merchants.
Card not present (CNP) fraud uses stolen card data to buy something online, by phone, or by mail, without the physical card. It includes stolen-card fraud and friendly fraud. Layered defenses such as risk scoring, 3D Secure, and chargeback alerts deflect up to 90% of chargebacks before they post.
Card not present (CNP) fraud occurs when a criminal uses stolen card details to make a purchase without the physical card. This happens typically online, over the phone, or via mail order. Because the merchant can't verify the cardholder in person, CNP transactions carry higher fraud and chargeback risk than in-store payments.
Stop it with layered defenses: real-time identity and behavior scoring, post-purchase review before fulfillment, and proactive chargeback alerts. These deflect disputes before they hit your account.
Card not present fraud is the single biggest threat in eCommerce fraud prevention, and it is getting more expensive every year. When a shopper checks out online, you never see the card. You see data. That gap is exactly what fraudsters exploit, whether they are using stolen card numbers or filing false disputes after a legitimate delivery.
This guide breaks down what CNP fraud is, how it happens, and the warning signs. It covers the layered defenses that protect your revenue and keep you out of card network monitoring programs.
Card not present fraud is any unauthorized or deceptive transaction made using card credentials instead of the physical card itself. It happens in remote channels: online checkout, phone orders, in-app purchases, and subscriptions, where you cannot dip a chip or verify a signature.
The core problem is verification. In a store, the card, the chip, and often the cardholder are all physically present. Online, you're trusting a string of numbers: the card number, expiration date, CVV, and billing address.
If a criminal has those details, bought on the dark web, phished, or skimmed, they can transact as if they were the cardholder.
CNP fraud splits into two main categories that demand different defenses:
For fast-growing brands, subscription businesses, and marketplaces, both types stack up fast. Chargeflow Insights centralizes every dispute across your processors into one dashboard. You can see which transactions are stolen-card fraud versus friendly fraud, the first step to stopping both.
CNP fraud starts with stolen card data and ends with a chargeback on your account. Criminals obtain credentials through data breaches, phishing, malware, skimming, and dark-web marketplaces, then test and cash out those cards on eCommerce sites.
Here's the typical attack lifecycle:
Friendly fraud follows a different path. The customer genuinely orders, receives the item, then contacts their bank instead of you, because a refund feels faster, or because they are abusing your policies. Either way, the dispute lands on your account and counts against your chargeback ratio.
Subscription and SaaS businesses face a unique version: recurring billing disputes. A customer forgets they signed up, doesn't recognize the descriptor, and files a chargeback rather than canceling. Clear billing descriptors and InquiryAutomation (part of Chargeflow Automation) resolve pre-dispute inquiries on platforms like PayPal, Klarna, and Afterpay before they escalate to a claim.
The clearest red flags are mismatched data, abnormal order behavior, and rushed high-value purchases. Spotting these patterns early lets you cancel or verify risky orders before you ship, which is far cheaper than fighting a chargeback after the fact.
Watch for these signals at and after checkout:
The hard truth: many of these signals look fine in isolation. A rushed large order from a new customer can be a perfectly good sale. That's why rule-based, pre-authorization tools alone produce false positives that block real revenue.
Chargeflow Prevent scores each transaction after authorization but before fulfillment, using device, IP, email, and payment-behavior intelligence from a global network of 15,000+ merchants. It automatically cancels, verifies, or approves orders based on your rules, catching the digital shoplifters without depressing your approval rate.
You prevent card not present fraud with layered defenses. No single check is enough. Combine data-validation tools at checkout, behavioral and identity intelligence after authorization, and chargeback alerts that deflect disputes before they post.
Start with the foundational checks every merchant should enable:
These basics stop unsophisticated attacks but miss friendly fraud and coordinated fraud rings entirely. Layer on intelligence-driven prevention:
This is where the Chargeflow stack delivers. Chargeflow Alerts aggregates Verifi, Ethoca, Visa, Mastercard, and the Chargeflow Network to deflect up to 90% of chargebacks before they hit your account. It keeps your dispute ratio safely below card network thresholds and out of programs like VAMP.
Prevent blocks the fraudulent orders. And the disputes that still slip through? Chargeflow Automation recovers them on autopilot with an average 300% increase in win rate and a 4X ROI guarantee.
You pay 25% only on what is recovered, no long contracts, no setup fees.
Activate Alerts and Prevent today.
When a chargeback gets through your defenses, you recover revenue by submitting compliant, evidence-backed dispute responses fast, at scale. Manual dispute handling cannot keep up with high transaction volumes, and missed deadlines mean automatic losses.
Winning a CNP dispute comes down to evidence quality and submission speed. Card networks want proof tied to their specific requirements.
Compelling Evidence 3.0 for Visa lets you submit prior transaction history to prove the cardholder authorized the purchase. Assembling that evidence by hand for every chargeback is slow, error-prone, and unscalable for a growing brand.
Chargeflow Automation handles the entire lifecycle for you:
For payment platforms, PSPs, and marketplaces, Chargeflow Connect embeds this entire engine: Automation, Alerts, Insights, and Prevent, white-labeled into your product. Offer chargeback protection to your own merchants across 45+ PSPs. The result across the platform: $200M+ in revenue recovered and 20,000+ merchants protected.
Card not present fraud is not a single problem with a single fix: it is stolen-card attacks and friendly fraud hitting your account from every channel. Beating it requires a layered defense plus automated recovery. Stop the fraudulent orders before fulfillment, deflect disputes before they post, and recover the chargebacks that slip through, all on autopilot.
With Chargeflow's Prevent, Alerts, Automation, and Insights working together, you cut chargebacks by up to 90% and win more disputes. Stay out of card network monitoring programs. Start for free.
Card present fraud requires the physical card at the point of sale. Card not present fraud uses only stolen card data in remote channels like online, phone, or mail orders.
CNP transactions are far more vulnerable because chip-and-PIN and signature verification aren't available to confirm the real cardholder is making the purchase. That's why CNP is now the leading source of fraud and chargebacks for eCommerce businesses.
In most cases, the merchant absorbs the loss for card not present fraud, including the disputed amount, the shipped goods, and a chargeback fee. Using 3D Secure can shift fraud liability to the card issuer on authenticated transactions.
It doesn't cover friendly fraud where a real customer disputes a legitimate order. Layered prevention and automated dispute recovery are how you protect your bottom line against both scenarios.
Yes, you can win CNP chargebacks, especially friendly fraud cases, by submitting strong, card-scheme-compliant evidence before the deadline. Evidence like delivery confirmation, IP and device matches, prior transaction history, and Compelling Evidence 3.0 data can prove the cardholder authorized and received the purchase. Chargeflow Automation builds and submits this evidence automatically, delivering an average 300% increase in win rate with a 4X ROI guarantee.
You can deploy Chargeflow Alerts in under 24 hours with one-click integrations into 100+ eCommerce, payment, and support platforms. Prevent starts with your first 1,000 scanned transactions free and no minimums, while Automation works on success-based pricing: you pay 25% only on recovered chargebacks. There are no long-term contracts or setup fees, so you can protect your revenue almost immediately.

Recover 4x more chargebacks and prevent up to 90% of incoming ones, powered by AI and a global network of 20,000 merchants.