<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=559746057746957&amp;ev=PageView&amp;noscript=1">

General E-Commerce Fraud FAQs

See what other businesses are asking about fraud protection and prevention.


What is a CNP purchase?

CNP stands for "card-not-present." These transactions occur when an order is placed remotely, including online orders, mail orders, and telephone orders. For these transactions, only the card details (such as credit card number, expiration date, etc.) are needed, and a manual signature and card imprint are not required at the time of purchase. Because the cardholder is not physically present when the merchant processes the order, it is easy for thieves to commit fraud with CNP purchases.

Why is CNP fraud important?

In any credit card fraud case, merchants are affected the most. But for CNP fraud, the merchant has to accept full liability for the losses. 

When a legitimate cardholder disputes a credit card charge, the bank that issued the credit card will send a chargeback to the merchant to reverse the transaction and provide the cardholder with a refund. 

The merchant can attempt to dispute the chargeback, but typically this requires physical evidence that fraud did not occur, such as a delivery signature. It is often difficult to obtain this evidence, so typically the merchant will have to absorb the full cost of the fraudulent transaction. This cost can be a significant amount, since it typically includes:

  1. Cost of goods sold: Since it is unlikely that the merchandise will be recovered, the merchant will have to write off the value of goods involved in a fraudulent transaction. For low-margin merchants, this hits hard. 
  2. Shipping cost: These costs are typically sunk into the value of the order, which further adds to the merchant's out-of-pocket loss. To make matters worse, fraudsters typically request high-priority shipping for their orders to enable rapid completion of the fraud, resulting in even higher shipping costs for the merchant. 
  3. Card association fees: Visa and MasterCard have  strict programs penalizing merchants that generate excessive chargebacks. Typically, if a merchant exceeds the threshold chargeback rates for any three-month period (e.g. 1% of all transactions or 2.5% of the total dollar volume), the merchant could be penalized with a fee for every chargeback. In extreme cases, the merchant’s contract to accept credit card payments could be terminated. 
  4. Merchant bank fees: In addition to the penalties charged by card associations, the merchant pays an additional processing fee to the acquiring bank for every chargeback. 
  5. Administrative costs: On average, each chargeback can take a merchant one to two hours to process. The merchant must receive and research the claim, contact the consumer, and respond to the acquiring bank or issuer with adequate documentation to dispute the chargeback. 
  6. Loss of reputation: Maintaining a positive reputation among customers is very important for merchants. Unfortunately, excessive chargebacks can lead merchants to implement a fraud program that is too stringent and inadvertently declines good orders, which can lead to unhappy customers who will take their complaints public via social media and negative online reviews.

What are the reasons for chargebacks?

Customers can file chargebacks for many reasons, including:
  • True cases of fraud, where a thief has illegally made a purchase using someone's credit card information without the cardholder's consent.*
  • Friendly fraud, where a customer places an order and then requests a refund with the intention of defrauding the merchant.*
  • Self-fraud, in which a customer places an order but forgets or does not recognize the charge on the credit card or bank statement.*
  • Commercial disagreements between the customer and the merchant.
  • Technical errors, in which a payment was processed in error.

    *guaranteed/protected by Clearsale

What is the difference between fraud protection and chargeback management?

Some "fraud protection" companies are really chargeback management companies. They prevent chargebacks, but not the fraud itself. These companies will fight the chargeback after it has already happened. Although the merchant will typically not have to deal with the cost of the chargeback fees, the merchant will still have to bear the cost of the fraud, which typically includes loss of the product, shipping costs etc.

ClearSale is a true fraud protection and chargeback prevention solution. We focus on the root of the problem — preventing fraud from happening in the first place — so merchants can be spared from all of the costs of fraud and related chargebacks.

Why should merchants worry about overprotection from fraud?

As with any business decision, the benefits must be weighed against the costs.

With fraud protection, it's easy to fall into the trap of “turning on” every fraud prevention feature to ensure that nothing accidentally seeps through the cracks. However, there is such a thing as being too aggressive with fraud management.

Stopping fraud is good — but if it means you are declining every transaction that might possibly be fraudulent, without investigating these orders, then it may mean you're turning away perfectly good customers. Viewed from this perspective, a 0.0% chargeback rate is not a desired outcome if you are actually declining 10% of your legitimate orders to get to that number.

In reality, as scary as fraud can be, it's relatively rare. For every fraud attempt blocked, fraud programs can produce as many as 40 false positives (a 40:1 ratio), meaning that up to 97% of transactions flagged as high-risk are in fact legitimate transactions.

These false positives result in card declines, loss of sales, blocked accounts, and an overall poor customer experience. Worse, it's not uncommon for customers falsely declined to take their complaints to social media and negative online reviews.

For all of these reasons, a balance needs to exist between the fraudsters you are stopping and the good customers you are turning away. 

Should the payment gateway be activated before or after risk management?

ClearSale recommends pre-reservation. In the ideal scenario, when an order is received, the order amount is reserved in the payment means, thereby avoiding losing the purchase due to lack of credit. In the meantime, the order will be analyzed for risk.

As soon as ClearSale issues an approve/decline decision, the merchant may opt to complete the pre-reserve or cancel it. If the order is turned down, the reserve can be cancelled. This avoids unnecessary losses with the card operator. If the order is approved the reserve is released and the order is safely delivered to the customer.

However, this is only our recommendation. We can handle several different scenarios, depending on what is best for your business. 

Can ClearSale handle abrupt changes in transaction volumes?

We understand that, for many merchants, sales volumes can vary dramatically on a daily or seasonal basis. We are prepared for these scenarios and can analyze all transactions with the same level of speed and accuracy, even when your store is suddenly handling a number of orders that is far above average. For example, if your store processes an average of 300 orders a day, but suddenly this numbers jumps to 1500, we will provide our services at the same speed and accuracy — ensuring your fraud protection solution never gets in the way of your revenue.

Does ClearSale integrate with my e-commerce platform?

We offer plugins and guides for the major e-commerce platforms, including Magento, Shopify, Prestashop, Woocommerce, Demandware/Salesforce, BigCommerce, Zoey, 3D Cart, Volusion, and many others. These pre-built integrations make it easy to quickly implement Clearsale in your CMS or e-commerce platform.

For custom integrations, refer to our API library; our customer service team is also ready to help. Please check the Developers area of our website for more information.

My online store is “low-risk.” Do I still need a fraud management tool?

In our experience, companies believe they are low risk because of two reasons:

  1. Your company cancels any order it finds suspicious. This solves the fraud problem, but it also means you are probably declining many safe purchases made by good customers who, for some reason, fit a fraud risk profile or have made a small error during the transaction process. This can cause you to lose sales and customer relationships.
  2. Your company has yet to be discovered by fraudsters. This is just a question of time and market exposure. Eventually, fraudsters will find you — and as soon as they realize you have lax fraud protections in place, you'll launch a large-scale attack. On the other hand, if they test your store and find that you are well-protected from fraud, they'll move on to other stores that offer an easier target.

What should merchants know about preventing fraud for online sales?

The survival of a company that sells online depends in part on its ability to minimize financial losses due to fraud, and in part on its ability to approve the largest number of orders in as short a time as possible.

Therefore, a good anti-fraud service will include a thorough risk management system that ensures high rates of approved sales while also minimizing chargebacks — all in as short a response time as possible.

Companies that do not embrace fraud management best practices risk turning down good orders simply because fraud is suspected (without verifying if in fact the order is fraudulent). They also risk delaying order approvals because they will lack ready access to the analytical skills and resources required for proper fraud reviews.

Who is responsible for chargebacks?

In card-not-present transactions, merchants are responsible for chargebacks, so they are required to bear the financial losses.

What is a chargeback?

A chargeback occurs when a customer disputes a charge on his/her credit card bill. If the true owner of the card does not recognize the purchase, he or she will ask for their money back by filing a complaint with the issuing bank. This is known as a chargeback.

When this happens, the issuing bank debits the amount that would be transferred to the merchant.

What losses does fraud create?

Losses can extend far beyond the value of the goods lost due to fraudulent purchases. If fraud management is not properly handled, high levels of unauthorized purchases or lengthy analyses can lead to lost sales, lost shipping costs, loss of any marketing investment, an adverse effect on the merchant's image and, most importantly, lost customers.

Merchants may not realize that transactions can be declined for the smallest errors. This may lead to loss of immediate revenue from the purchase, or more importantly, loss of a future loyal customer. As data breaches and fraud attacks increase, security restrictions are becoming tighter. The need for hands-on fraud management for every merchant is now vital.

How does fraud work in e-commerce?

Unlike purchases where the customer walks into the store and the clerk can ask for signatures, PIN numbers, and I.D., in purchases made online or by phone (card-not-present) there is no physical or visual contact between merchant and customer. As a result, card-not-present (CNP) transactions are highly attractive for fraudsters.

Here's what happens when a fraudulent transaction occurs:

  • A fraudster makes a purchase at an online store using someone else's credit card.
  • The merchant's website sends the transaction details through the payment gateway to the acquiring bank.
  • The acquirer checks with the cardholder's bank to see if the card has enough balance. If it does, the acquirer approves the purchase.
  • The transaction is completed and the goods are delivered to the fraudster.
  • The actual cardholder eventually realizes an unauthorized order has been made and submits a chargeback to the issuing bank to get their funds reimbursed.
  • The chargeback is passed on to the merchant, who not only loses the dollar amount of the sale but also must pay a chargeback fee.

Fraudster activities range from using stolen, adulterated, or cloned cards to use the data of upstanding citizens who are completely unaware that their credit card is being used inappropriately. Other types of unauthorized purchases may also be considered fraud, such as when a child uses a parent's card without permission.

Ready to
Get Started?

Let’s Talk!

Find out how to prevent chargebacks AND sell more. Talk with a ClearSale CNP fraud expert today!