Preventing Fraud in Card Not Present Transactions

Whenever a customer pays over the phone with their credit card number, via an online payment gateway, or requires their credit card data to be entered manually into a terminal, this is considered a “card not present” transaction. In these transactions, a physical card is not used to enter a customer’s account data into your point of sale payment terminal via a chip or mag stripe. Such transactions rely solely on the account numbers printed on the credit card.

These types of transactions are some of the most at risk for fraud due to the fact that the built-in security features of the card are not used. Chip and pin technology, customer signatures, mag stripes and CVV (card verification value) codes are all features that enhance the safety of a credit card transaction for both the customer and you, the merchant. In card not present transactions, however, these security measures cannot always be applied, leaving your business exposed to higher instances of fraud.

If your business handles a large volume of card not present transactions, here are some tips to stay secure:

  • Verify that the card information is authentic. Require the credit card expiration date in your authorization request. Invalid or missing expiry dates could indicate that the customer does not have the physical card in their possession.
  • Make sure you have authorization for the transaction from the cardholder. If you suspect fraud, ask that the customer provide more information about the card, including the financial institution that issued the card. If the customer cannot provide additional details, decline the transaction.
  • Choose a merchant services provider who is PCI compliant to make sure all storage, processing and transmission of credit card data is secure. Fraudsters can target your website to gain access to customer information, so your credit card processing company must offer a highly secure transaction process that meets all applicable security standards.
  • Where possible, require that the customer enter the CVV code from the back of their card to authenticate the transaction.
  • When using an online payment gateway, use an address verification service to validate both the customer’s shipping and billing address. If the address is a mismatch to the rest of the card data, this is a red flag.

Whenever your business performs a card not present transaction, keep an eye out for one or more of the following signs of fraudulent behaviour:

  • Customer provides different shipping and billing addresses on their purchase
  • Customer requests expedited delivery
  • Multiple credit cards are used from the same IP address in a short window of time
  • Several orders sent to the same address that include various high-value products
  • The delivery address is in a different country than the cardholder’s address

Want to learn more about keeping your business safe from fraud in credit and debit card transactions? Stay tuned to the Swift Payments Blog for the latest tips on credit card processing security.



295 Waterloo Street.
London, Ontario. N6B 2N5


Toll Free:


BBB Accredited

Click for the BBB Business Review of this Credit Card - Merchant Services in London ON


Monday: 9am to 5pm
Tuesday: 9am to 5pm
Wednesday: 9am to 5pm
Thursday: 9am to 5pm
Friday:9am to 5pm
Saturday: Closed
Sunday: Closed


Swift Payments is a registered MSP/ISO of the Canadian branch of U.S. Bank National Association and Elavon. New applicants are subject to conditions and approval of the application by Swift Payments and its partnering banks.



We offer technical support for all your business needs in London, Windsor, Montreal, Kitchener, Toronto, and Ottawa.