/
Fraudepreventie
July 12, 2026
12 juli 2026

Wat is fraude waarbij de kaart niet fysiek aanwezig is en hoe kun je dit voorkomen?

Wit, rond logo met in het midden in elkaar grijpende vormen, omgeven door overlappende, baanachtige elliptische lijnen en verspreide blauwe ruitvormen.

Terugboekingen?
Dat is niet langer jouw probleem.

Vorder 4 keer meer terugboekingen terug en voorkom tot 90% van de inkomende terugboekingen, dankzij AI en een wereldwijd netwerk van 20.000 handelaren.

Meer dan 600 beoordelingen
Geen creditcard nodig.
TL;DR:

Card not present (CNP) fraud uses stolen card data to buy something online, by phone, or by mail, without the physical card. It includes stolen-card fraud and friendly fraud. Layered defenses such as risk scoring, 3D Secure, and chargeback alerts deflect up to 90% of chargebacks before they post.

Card not present (CNP) fraud occurs when a criminal uses stolen card details to make a purchase without the physical card. This happens typically online, over the phone, or via mail order. Because the merchant can't verify the cardholder in person, CNP transactions carry higher fraud and chargeback risk than in-store payments.

Stop it with layered defenses: real-time identity and behavior scoring, post-purchase review before fulfillment, and proactive chargeback alerts. These deflect disputes before they hit your account.

Belangrijkste punten

  • Card not present fraud dominates eCommerce since CNP transactions can't use chip-and-PIN verification.
  • Friendly fraud counts too. Many CNP disputes come from real customers who falsely claim "item not received" or "not as described," not just stolen cards.
  • Prevention is layered, not single-tool. Identity intelligence, AVS/CVV checks, 3D Secure, post-purchase review, and chargeback alerts each block a different attack.
  • A shared merchant network beats going solo. Fraud rings reuse identities across stores, so cross-merchant data catches repeat abusers your own history can't.
  • Chargeflow Prevent and Alerts stop fraud before fulfillment and deflect up to 90% of chargebacks, while Automation recovers the disputes that slip through.

Card not present fraud is the single biggest threat in eCommerce fraud prevention, and it is getting more expensive every year. When a shopper checks out online, you never see the card. You see data. That gap is exactly what fraudsters exploit, whether they are using stolen card numbers or filing false disputes after a legitimate delivery.

This guide breaks down what CNP fraud is, how it happens, and the warning signs. It covers the layered defenses that protect your revenue and keep you out of card network monitoring programs.

What Is Card Not Present Fraud?

Card not present fraud is any unauthorized or deceptive transaction made using card credentials instead of the physical card itself. It happens in remote channels: online checkout, phone orders, in-app purchases, and subscriptions, where you cannot dip a chip or verify a signature.

The core problem is verification. In a store, the card, the chip, and often the cardholder are all physically present. Online, you're trusting a string of numbers: the card number, expiration date, CVV, and billing address.

If a criminal has those details, bought on the dark web, phished, or skimmed, they can transact as if they were the cardholder.

CNP fraud splits into two main categories that demand different defenses:

  • Third-party fraud: A criminal uses stolen card data to place an order; you lose the chargeback and goods.
  • First-party (friendly) fraud: A customer receives goods, then disputes the charge anyway, claiming non-delivery or non-recognition.

For fast-growing brands, subscription businesses, and marketplaces, both types stack up fast. Chargeflow Insights centralizes every dispute across your processors into one dashboard. You can see which transactions are stolen-card fraud versus friendly fraud, the first step to stopping both.

How Does Card Not Present Fraud Actually Happen?

CNP fraud starts with stolen card data and ends with a chargeback on your account. Criminals obtain credentials through data breaches, phishing, malware, skimming, and dark-web marketplaces, then test and cash out those cards on eCommerce sites.

Here's the typical attack lifecycle:

  1. Data theft. Card details are stolen via a breach, a phishing email, a fake checkout page, or malware that captures keystrokes.
  2. Card testing. Fraudsters run small transactions to confirm which stolen cards are still active, often a flood of low-value orders in minutes.
  3. The fraudulent purchase. Once a card is validated, the criminal places a real order, often shipping high-resale-value goods to a reshipping address.
  4. The chargeback. The cardholder disputes the charge, and you lose merchandise, shipping, the transaction amount, and a fee.

Friendly fraud follows a different path. The customer genuinely orders, receives the item, then contacts their bank instead of you, because a refund feels faster, or because they are abusing your policies. Either way, the dispute lands on your account and counts against your chargeback ratio.

Subscription and SaaS businesses face a unique version: recurring billing disputes. A customer forgets they signed up, doesn't recognize the descriptor, and files a chargeback rather than canceling. Clear billing descriptors and InquiryAutomation (part of Chargeflow Automation) resolve pre-dispute inquiries on platforms like PayPal, Klarna, and Afterpay before they escalate to a claim.

What Are the Warning Signs of Card Not Present Fraud?

The clearest red flags are mismatched data, abnormal order behavior, and rushed high-value purchases. Spotting these patterns early lets you cancel or verify risky orders before you ship, which is far cheaper than fighting a chargeback after the fact.

Watch for these signals at and after checkout:

  • Mismatched billing and shipping addresses, especially when shipping to a freight forwarder or known reshipping hub.
  • Multiple declined attempts followed by a success: classic card testing behavior.
  • Unusually large orders or bulk quantities of high-resale items from a brand-new customer.
  • Rush shipping requests on first-time orders, designed to get goods out the door before the fraud is caught.
  • Email, device, or IP mismatches: a disposable email, a VPN-masked IP, or a device fingerprint linked to prior fraud.
  • Velocity spikes: the same card, device, or IP hitting your store repeatedly in a short window.

The hard truth: many of these signals look fine in isolation. A rushed large order from a new customer can be a perfectly good sale. That's why rule-based, pre-authorization tools alone produce false positives that block real revenue.

Chargeflow Prevent scores each transaction after authorization but before fulfillment, using device, IP, email, and payment-behavior intelligence from a global network of 15,000+ merchants. It automatically cancels, verifies, or approves orders based on your rules, catching the digital shoplifters without depressing your approval rate.

How Do You Prevent Card Not Present Fraud?

You prevent card not present fraud with layered defenses. No single check is enough. Combine data-validation tools at checkout, behavioral and identity intelligence after authorization, and chargeback alerts that deflect disputes before they post.

Start with the foundational checks every merchant should enable:

  • Address Verification Service (AVS): Confirms the billing address matches the card issuer's records.
  • CVV verification: Requires the security code, which isn't stored in most breached datasets.
  • 3D Secure (Visa Secure, Mastercard Identity Check): Adds issuer-side authentication and can shift liability for fraud chargebacks to the bank.
  • PCI DSS compliance: Protects stored and transmitted card data, reducing your breach exposure.

These basics stop unsophisticated attacks but miss friendly fraud and coordinated fraud rings entirely. Layer on intelligence-driven prevention:

  • Real-time risk scoring that weighs device fingerprint, IP reputation, email age, and behavioral signals together rather than one rule at a time.
  • A cross-merchant network that flags actors already caught defrauding other stores, because fraud rings reuse identities.
  • Post-purchase review that holds risky orders for verification before they ship, eliminating the loss on goods and the dispute.
  • Proactive chargeback alerts that catch disputes in the pre-chargeback window and let you refund within 24 hours to avoid a formal chargeback and its fee.
Defense Layer What It Does What It Stops
Address Verification Service (AVS) Confirms the billing address matches the card issuer's records. Basic stolen-card transactions.
CVV Verification Requires the card security code, which isn't stored in most breached datasets. Card testing and low-effort fraud.
3D Secure (Visa Secure, Mastercard Identity Check) Adds issuer-side authentication at checkout. Unauthorized charges, and shifts fraud liability to the bank.
PCI DSS Compliance Protects stored and transmitted card data. Data breaches and downstream fraud exposure.
Risicobeoordeling in realtime Weighs device fingerprint, IP reputation, email age, and behavior together. Sophisticated and coordinated fraud attempts.
Cross-Merchant Network Flags actors already caught defrauding other stores. Repeat abusers and organized fraud rings.
Post-Purchase Review Holds risky orders for verification before fulfillment. Loss of goods and the resulting dispute.
Proactive Chargeback Alerts Catches disputes in the pre-chargeback window, letting you refund within 24 hours. Formal chargebacks and their fees.

This is where the Chargeflow stack delivers. Chargeflow Alerts aggregates Verifi, Ethoca, Visa, Mastercard, and the Chargeflow Network to deflect up to 90% of chargebacks before they hit your account. It keeps your dispute ratio safely below card network thresholds and out of programs like VAMP.

Prevent blocks the fraudulent orders. And the disputes that still slip through? Chargeflow Automation recovers them on autopilot with an average 300% increase in win rate and a 4X ROI guarantee.

You pay 25% only on what is recovered, no long contracts, no setup fees.

Activate Alerts and Prevent today.

How Do You Recover Revenue After a CNP Chargeback?

When a chargeback gets through your defenses, you recover revenue by submitting compliant, evidence-backed dispute responses fast, at scale. Manual dispute handling cannot keep up with high transaction volumes, and missed deadlines mean automatic losses.

Winning a CNP dispute comes down to evidence quality and submission speed. Card networks want proof tied to their specific requirements.

Compelling Evidence 3.0 for Visa lets you submit prior transaction history to prove the cardholder authorized the purchase. Assembling that evidence by hand for every chargeback is slow, error-prone, and unscalable for a growing brand.

Chargeflow Automation handles the entire lifecycle for you:

  • Detects new chargebacks directly from your processors in real time.
  • Collects and enriches 1,000+ data points per dispute automatically.
  • Assembles personalized, card-scheme-compliant evidence, including Compelling Evidence 3.0.
  • Submits every response on time with a 100% submission rate, no missed deadlines.
  • Predicts outcomes with ChargeScore™ win-probability so you know where you stand.

For payment platforms, PSPs, and marketplaces, Chargeflow Connect embeds this entire engine: Automation, Alerts, Insights, and Prevent, white-labeled into your product. Offer chargeback protection to your own merchants across 45+ PSPs. The result across the platform: $200M+ in revenue recovered and 20,000+ merchants protected.

Stop Card Not Present Fraud With Layered Defenses

Card not present fraud is not a single problem with a single fix: it is stolen-card attacks and friendly fraud hitting your account from every channel. Beating it requires a layered defense plus automated recovery. Stop the fraudulent orders before fulfillment, deflect disputes before they post, and recover the chargebacks that slip through, all on autopilot.

With Chargeflow's Prevent, Alerts, Automation, and Insights working together, you cut chargebacks by up to 90% and win more disputes. Stay out of card network monitoring programs. Start for free.

Veelgestelde vragen

What is the difference between card present and card not present fraud?

Card present fraud requires the physical card at the point of sale. Card not present fraud uses only stolen card data in remote channels like online, phone, or mail orders.

CNP transactions are far more vulnerable because chip-and-PIN and signature verification aren't available to confirm the real cardholder is making the purchase. That's why CNP is now the leading source of fraud and chargebacks for eCommerce businesses.

Who is liable for card not present fraud: the merchant or the bank?

In most cases, the merchant absorbs the loss for card not present fraud, including the disputed amount, the shipped goods, and a chargeback fee. Using 3D Secure can shift fraud liability to the card issuer on authenticated transactions.

It doesn't cover friendly fraud where a real customer disputes a legitimate order. Layered prevention and automated dispute recovery are how you protect your bottom line against both scenarios.

Can you win chargebacks caused by card not present fraud?

Yes, you can win CNP chargebacks, especially friendly fraud cases, by submitting strong, card-scheme-compliant evidence before the deadline. Evidence like delivery confirmation, IP and device matches, prior transaction history, and Compelling Evidence 3.0 data can prove the cardholder authorized and received the purchase. Chargeflow Automation builds and submits this evidence automatically, delivering an average 300% increase in win rate with a 4X ROI guarantee.

How fast can you deploy CNP fraud protection?

You can deploy Chargeflow Alerts in under 24 hours with one-click integrations into 100+ eCommerce, payment, and support platforms. Prevent starts with your first 1,000 scanned transactions free and no minimums, while Automation works on success-based pricing: you pay 25% only on recovered chargebacks. There are no long-term contracts or setup fees, so you can protect your revenue almost immediately.

DEEL DIT ARTIKEL
Wit, rond logo met in het midden in elkaar grijpende vormen, omgeven door overlappende, baanachtige elliptische lijnen en verspreide blauwe ruitvormen.

Terugboekingen?
Dat is niet langer jouw probleem.

Vorder 4 keer meer terugboekingen terug en voorkom tot 90% van de inkomende terugboekingen, dankzij AI en een wereldwijd netwerk van 20.000 handelaren.

Meer dan 600 beoordelingen
Geen creditcard nodig.
abonneren

De nieuwste informatie over terugboekingen, fraude en e-commerce, rechtstreeks in je inbox. Elke week.

Meld je nu aan en mis nooit meer de nieuwste trends!
Door je e-mailadres op te geven, ga je akkoord met onze Gebruiksvoorwaarden en privacyverklaring
Diagram met gestreepte en gebogen lijnen die gesegmenteerde bogen vormen, gemarkeerd door drie blauwe ruitvormige markeringen aan de linkerkant.Een abstract ontwerp met een cirkelvormig raster en blauwe ruitvormige markeringen op een halfzwarte, halfwitte achtergrond.