Join us for our upcoming webinar: Should increased fees change your chargeback strategy?

Join us for our upcoming webinar:
Should increased fees change your chargeback strategy?
< Back to Glossary

Card-Not-Present Fraud

What is Card-Not-Present Fraud?

Card-Not-Present (CNP) fraud occurs when credit card details are used to make fraudulent transactions where the physical card isn’t presented to the merchant. CNP fraud predominantly affects online transactions, but also extends to phone orders, mail orders, and any payment where the card and cardholder aren’t physically present. Without visual verification of the card or cardholder, merchants are largely forced to rely on digital authentication methods, which creates vulnerabilities that fraudsters actively exploit.

How Card-Not-Present Fraud Works

CNP fraud – including friendly fraud – has become the dominant form of payment fraud globally. According to UK Finance, 80% of card fraud losses stem from CNP fraud (largely from friendly fraud), while Mastercard reports that global losses exceeded $48 billion in 2023 and could reach a cumulative $343 billion by 2027.

CNP fraud takes place in numerous forms, as bad actors have evolved and varied their techniques to bypass advancing antifraud technologies. However, these methods can be broadly separated into two categories: true fraud and first-party, or “friendly” fraud. 

True CNP fraud can generally be broken down into four steps. First, card details are stolen via phishing, data breaches, skimming devices, or illegal purchase on the dark web. Fraudsters then validate these details by making small “test” transactions to ensure the card is active and unmonitored. Following this, they make one or more larger fraudulent transactions, typically targeting digital goods or physical items than can be quickly resold. Finally, the cardholder realises what has happened and initiates a chargeback

CNP friendly fraud, while less discussed, is actually the most common kind of CNP fraud – Mastercard reports that these transactions account for 70% of credit card fraud. Like true fraud, friendly fraud takes many shapes, but generally involves a cardholder making a legitimate purchase, before filing an illegitimate dispute. These bad actors often rely on the remote nature of CNP transactions to falsely claim that their details were stolen, allowing them to keep both their funds and the stolen goods. 

Common Types of CNP Fraud

The CNP fraud landscape has continued to evolve as security measures improve. Some of the most common techniques include: 

Account Takeover (ATO) Fraud

ATO attacks involve criminals gaining control of a legitimate customer’s account –

whether through phishing, credential stuffing, or social engineering – and making unauthorized purchases while impersonating the victim. This approach is particularly effective because the transactions originate from a trusted customer account with established purchase patterns.

Clean Fraud

This sophisticated approach involves impersonating an authorized cardholder while manipulating transaction information to make fraudulent purchases appear legitimate. Since the fraud occurs after initial verification, these transactions can often easily bypass standard fraud detection systems.

Package Redirection Fraud

Criminals practicing package redirection fraud make seemingly legitimate purchases using stolen credentials, then access the account after transaction approval to modify the shipping address. This tactic allows them to intercept deliveries without raising initial suspicion during the authorization process.

Synthetic Identity Fraud

Rather than stealing complete identities, some fraudsters combine genuine data elements from multiple victims (such as Social Security numbers and birthdates) with fabricated information to create entirely new, fictional identities. These synthetic identities are then used to open new accounts and make fraudulent purchases.

Friendly Fraud

Friendly fraud always begins the same way – with cardholders disputing legitimate transactions. However, dispute claims vary considerably. While they often surround “non-receipt of goods”, “item not as described”, or “transaction not authorized”, fraudsters can be highly creative and usually target areas they believe to be a merchant’s weak spots.

Although most friendly fraud is intentional, many instances also occur due to cardholder confusion. For instance, unclear billing descriptors or failure to notify cardholders before subscription renewal can cause cardholders to initiate chargebacks due to unrecognized charges on their statements. Poor customer service or obscure refund policies can also lead to unintentional chargeback fraud when cardholders can’t obtain the information needed to understand their consumer rights. 

Whether malicious or unintentional, friendly fraud is ultimately harder to prevent than true fraud, and consequently much more expensive, costing merchants over $132 billion annually

How to Combat Card-Not-Present Fraud

CNP fraud – especially friendly fraud – cannot be entirely prevented, but it can be curbed and managed. Authentication methods like 3D Secure, AVS, and CVV adds a critical layer of verification, while machine learning-powered fraud detection systems can analyze hundreds of data points in real-time to identify suspicious patterns before transactions complete. 

Beyond technical solutions, maintaining strong operational security through PCI DSS compliance establishes a solid foundation for fraud prevention. This includes implementing proper data handling protocols, enforcing strong access controls, and regularly updating security systems to prevent data breaches. Staff training is also crucial; employees must be capable of recognizing social engineering attempts and suspicious customer behaviors that technology might fail to detect. 

Fight Your CNP Chargebacks Hands-Free with Justt

While robust fraud prevention measures are essential, they will usually prove unable to stop the vast majority of disputes, which result from CNP friendly fraud. That’s because these transactions are technically legitimate, even if the subsequent chargebacks aren’t. 

Fortunately, Justt’s fully-automated chargeback management solution specializes in identifying and fighting CNP friendly fraud. The moment a dispute arrives, the AI-driven system begins collecting evidence from over +500 sources – including PSPs, internal merchant systems, and third-party providers. From this huge pool, Justt can instantly pull transaction logs, IP data, device information, and shipment tracking – all crucial elements for proving that CNP transactions were legitimate.

Justt alleviates the post-transaction chargeback pain

Justt’s Dynamic Arguments feature uses this evidence to craft precision-tailored responses that address the unique circumstances of each case. Every detail, from informational hierarchy and style, to formatting and argument flow is adjusted to match the preferences of the card issuer reviewing the case – substantially increasing the chances of successful dispute resolution. 

Unlike template-driven approaches that struggle to keep pace with high chargeback surges, Justt’s end-to-end automation scales effortlessly during fraud surges and seasonal peaks. Meanwhile, the platform’s machine learning capabilities continuously improve win rates by analyzing patterns across millions of disputes, ensuring your defense strategies evolve faster than fraudsters’ tactics.

Ready to upgrade your approach to CNP chargebacks? Schedule a demo with Justt today. 

Related Terms

Chargeback Mitigation

What is Chargeback Mitigation? Chargeback mitigation refers to systems and techniques that reduce the frequency or impact of disputed transactions. Most common approaches combine preventative and responsive strategies to maintain acceptable chargeback ratios and recover lost revenue. While chargeback mitigation can be handled in-house, the global rise of friendly fraud – costing businesses $132 billion […]

Learn More

ACH Dispute

What is an ACH Dispute? An ACH dispute occurs when a party involved in an Automated Clearing House (ACH) transfer challenges the legitimacy of the transaction. These disputes are usually initiated when account holders contact their bank to report unauthorized or incorrect electronic fund transfers from their accounts. Unlike credit card chargebacks, ACH disputes are […]

Learn More

Chargeback Fraud

What is Chargeback Fraud? Chargeback fraud, or “friendly fraud”, occurs when a cardholder disputes a legitimate transaction with their bank or card issuer, usually with the intention of keeping both the transaction sum and the purchased product or service. This practice costs businesses an estimated $132 billion annually and accounts for 70% of all credit […]

Learn More

Make chargebacks our problem - not yours.

You don't want to miss a thing

Product

Company

Customers

Resources

Success stories

X-twitter Youtube
Copyright © 2025 Justt
Privacy Policy
Terms of Use

Apply for this position

Justt
Powered by  GDPR Cookie Compliance
Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.