How we pay…
… for our goods and services today is for the most part a seamless and easy process as organisations realise that making this simple will increase their revenue and minimise the risk of losing sales.
For years though payments were very much an in-person and physical transaction, cash was the nominal form of payment for goods and services and bank drafts were used for more significant transactions. A common theme to all payments was the fact they were in person. Because of the nature of these types of payments, it was easier to keep this secure as there was a simple process and without high-quality forgery, fraudulent payments were unlikely.
For decades cash was king, but in 1979, Visa launched the credit card terminal, then throughout the 80’s advancing electronic payment systems started to change the way transactions were done. The addition of data management platforms and telecommunications enabled the construction of a network that provided inexpensive and efficient electronic payment acceptance services worldwide. Choice in purchasing products and services started to change with the opportunities presented by mail order catalogues and call centres.
Call centres appeared and were able to process transactions for services and products over the phone. MOTO (Mail Order Telephone Order) developed into an established and expected service as the convenience was appreciated and the opportunity for increased revenue was grasped by businesses and organisations.
Card Not Present Payments
Whereas cash and bank drafts were in-person transactions, MOTO transactions became known as CNP (card not present payments). CNP transactions occur when a payment card isn’t physically presented to a merchant at the point of sale, so at no point is the card physically used to be swiped, inserted into a chip and pin device or more commonly now used for contactless payments.
While initial CNP (card not present) orders were tiny, as society’s habits changed, so did the amount of these types of transactions. Although MOTO (Mail Order and Telephone Order) was the CNP mainstay for many years, the advent of the internet, and paying ‘online’ increased the volume of CNP transactions enormously. Today there is a more complex payment environment for businesses and organisations to handle when we consider payments made over the phone, online payments, web chat, email, SMS, and social media channels to now manage.
In 2021 CNP debit card purchases grew by 23% and now account for one-third of all debit card transactions, according to a study by PULSE. On average, an active card makes 7.5 card-not-present transactions per month.
Advantages of Card Not Present Payments
The significant advantage of CNP for consumers is the convenience to pay from anywhere and in the manner that they choose. This was particularly true during the worldwide pandemic when customers’ buying patterns increased further towards remote purchases owing to store closures, lockdowns, and global supply constraints.
The ease of shopping online or through social media for example meant CNP payments resulted in less effort and fewer hurdles to making a transaction. Ultimately, this results in a win-win situation for consumers and merchants, as the former gets additional shopping and payment alternatives while the latter can reach more shoppers.
Providing more payment choices is one example of a strategy for increasing customer satisfaction. It seems to reason that consumers who feel catered to are more likely to return and, perhaps, become loyal customers. Everything comes down to prospective sales. According to Statista, CNP payments in the UK have seen a year-on-year increase between 2012 and 2017, rising from approximately seventy billion pounds in 2012 to nearly 209 billion pounds as of 2017 and has only grown more since then.
Card Not Present Transactions are Huge but Businesses are Not Being Fully Protected
The opportunities presented by remote payments have also presented an increased risk of fraud and criminal intervention over traditional CP transactions, a big drawback. Because it is difficult for retailers to confirm that a card belongs to the consumer making a purchase, these transactions carry greater risk.
Remotely it was incredibly difficult to identify who a client is and whether or not the card is theirs, particularly over the phone, internet, or by mail. Without client verification security measures, it is difficult for merchants to determine whether they have received a valid or fraudulent transaction. Since fraud risks are substantial, payment processors and card companies charge more.
Nowadays, remote payment processors must consider fraud prevention, chargebacks, and compliance with standards such as the PCI Data Security Standard. While CNP is now an expected way to pay for goods and services, companies are still not completely shielded from the hazards of receiving these payments and are often not compliant, exposing themselves to significant financial risks.
The introduction of 3-D Secure 2.0 has made some progress for online, or e-commerce, transactions in offering additional fraud protection by analysing the merchant’s contextual data and then prompting consumers to verify their identity only on high-risk transactions. But for MOTO payments, whether over the phone or via newly adopted communication channels like web chat, merchants are still open to high charges as well as fraud.
Being PCI-DSS Compliant
To help secure a business and remove non-compliance fees an organisation will need to be fully PCI DSS compliant meaning they will need to adhere to the specific requirements, of which there are many, but can be summarised as the following:
- Build and Maintain a Secure Network
- Protect Cardholder Sensitive Data
- Maintain a Vulnerability Management Program
- Implement Strong Access Control Measures
- Regularly Monitor and Test Networks
- Maintain an Information Security Policy
This is compulsory for any business that transmits, processes or stores payment card details. If you want to read more about PCI DSS Compliance more details can be found here
Staying Secure with the Evolution of Payments
Clearly being secure and compliant when taking card not present payments (CNP payments) can be difficult, especially with remote staff who take payments, multiple sites to manage, growing networks to maintain or large payment processing floors. Fortunately, PayGuard removes organisations from much of the scope of PCI DSS and offers a PCI Compliant secure payment solution that allows payments to be taken over any channel, protecting customers and businesses from fraud, chargebacks, loss of revenue through breaches and consumer confidence.
Not only can PayGuard protect businesses, but it also offers a host of other features that make taking CNP payments a breeze, integrating with existing systems, automating payments, setting up recurring payments, integrating multiple gateways, and CRM integration. It can be used out-of-the-box, or be tailored to specific needs.
Get in touch today for a no-obligation chat to see how we can protect your organisation and save you time and money when taking payments.