Skip to main content

What is card-not-present fraud?

Card-not-present fraud (CNP) is a category of fraud made via online transactions, telephone, or mail.

In other words, it's a fraudulent payment in situations where a card is not presented to a merchant for a visual check.

Typically, a CNP fraud happens after a payment card or information on the card has been stolen (name, card number, and 3-digit static card security code at the back) or purchased on the Dark Web.


How big is card-not-present fraud?

Card-not-present statistics show that it's THE primary source of card fraud by far - 75% in value of all card frauds on average in many countries.

Yes, you read that right. 

CNP fraud in the U.S. and Canada

In the U.S., 7.9 million consumers were victims of CNP fraud in 2018.

This figure represents about 3.1% of the U.S. population over 18 years of age, according to a 2019 study.

The amount of card-not-present fraud was estimated at $4.57 billion for 2016 by the U.S. federal reserve in a 2018 report.

CNP fraud has been driven by solid growth in e-commerce transactions in Canada. CNP amounts to 76% of the total value of card fraud in 2015.

CNP fraud in Europe: 79%

According to the sixth report on fraud in the Single Euro Payments Area (SEPA), card-not-present (CNP) payments counted for a massive 79% of the total value of card fraud for 2018.

Card fraud at ATMs and POS terminals represented 6% and 15%, respectively, in 2018.

With €1.8 billion ($2.17 billion) in losses in 2018, CNP fraud was the largest segment of fraud in the eurozone and the only one to record an increase (+13% vs 2017) compared with the previous year.

This area covers Austria, Belgium, Cyprus, Estonia, Finland, France, Germany, Greece, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, the Netherlands, Portugal, Slovakia, Slovenia, and Spain.

Card-not-present fraud in the U.K.: 76%

In the U.K. (not in the eurozone), CNP accounted for £470.2 million in 2019, a 7% decrease vs 2018.

CNP is 76% of the total value of card fraud in 2019.

Other frauds include Lost & Stolen (15%), card I.D. theft (6%), counterfeit card (2%), and card not received (1%). 

CNP fraud in Australia: 85%

In 2017, card-not-present fraud in Australia accounted for 84.8% of all fraud on cards. It is a +14% increase over 2016 for a total of 476.3 million AUD (or €295m or 330m USD)  in 2017. (source Australian payments network)

The bad news?


The true cost of CNP: $3.75 for $1 of fraud

In its "True cost of fraud" 2022 report, LexisNexis estimates that every $1 in CNP fraud costs $3.75 to merchants in the USA.

To top it off, EMV is not going to help.


CNP fraud and EMV

With the shift to EMV drastically reducing card-present fraud, CNP fraud is more likely to grow in the coming years, according to a January 2019 report from a Juniper Research report

The company says that CNP fraud will have retailers lose about $130 billion in cumulative revenue between now and 2023. 


It's because EMV has slashed card-present fraud, and eCommerce is so convenient.

COVID-19 has just accelerated this trend. See "shifting to online purchases because of the pandemic" stats from Statista).

Juniper also forecasts that by 2023 companies supporting retail transactions will spend about $10 billion yearly on fraud detection and prevention capabilities. 

Beyond that, CNP fraud affects consumers' behaviour, merchants, and banks.

Stay with us. Here comes the good news.


​​​Preserve the consumer's shopping experience.​​​​​


card not present fraud


Gemalto's Dynamic Code Verification is a complete card-not-present security solution based on the following:

  • a payment display card, 
  • a mobile solution,
  • and a validation server. 

It replaces static cryptograms with dynamic codes, thus mitigating fraud linked to using static card numbers stolen online without any impact on the merchant's infrastructure.

The Gemalto Dynamic Code Verification, launched in October 2015, is the first complete and adaptable solution. 

Banks can decide to deploy the solution on mobile, on display cards, or with both components. 

The versatility offered by Gemalto Dynamic Code Verification allows banks to provide a relevant and secure eCommerce solution to their customers. ​

Product Sheet (PDF - 126kb)


How Gemalto DCV allows mitigating online fraud 


dynamic code on mobile


Gemalto Mobile DCV

The Gemalto mobile DCV ​solution allows your customers to store their cards and read the dynamic codes on their mobile phones. 

Customers can choose to secure their application with a PIN to add a strong authentication layer to the application.

dynamic code on mobile

- Stores your cards in a secure mobile application
- Allows you to complete simple and secure transactions

Dynamic Code Card


Gemalto Dynamic Code Card

The Gemalto Dynamic Code Card​ is a classic EMV contactless payment card that displays a dynamic code that automatically changes every 20 minutes without the cardholder's intervention. 

Instead of the static code currently used to secure online purchases, the dynamic code is displayed on a small ePaper screen on the back of the card.

Gemalto Dynamic Code Card

- Up to 125K Dynamic Code Verifications in 4 years
- Updated security cryptogram every 20 minutes


Read more about Thales Gemalto Dynamic Code Card​

card not present


Thales Gemalto Confirm Authentication Server

The Gemalto Confirm Authentication Server is a multi-channel, multi-token, and vendor-agnostic authentication solution that supports all forms of authentication technologies across all channels. 

It allows easy integration into banks' authorization hosts and is protected by hardware security modules.

DCV Mobile

- Easy integration
​- Field-proven, comprehensive, scalable, and cost-effective

Read more about the Gemalto Confirm Authentication Server.

What customers are saying

"Gemalto helped us quickly implement groundbreaking dynamic CVV/CVC technology, and the response thus far has been outstanding: in the first weeks of the project, we already have more than 100,000 active users."
Hugo Najera Alva, General Director of Digital Banking, BBVA Bancomer, Mexico

Get in touch with us

For more information regarding our services and solutions contact one of our sales representatives. We have agents worldwide that are available to help with your digital security needs. Fill out our contact form and one of our representatives will be in touch to discuss how we can assist you.

Please note we do not sell any products nor offer support directly to end users. If you have questions regarding one of our products provided by e.g. your bank or government, then please contact them for advice first.