Skip to main content
Man sitting in a cafe
Hospitality / Hospitality

CNP Fraud Shift to Hospitality

Verifone "V" as logo

Fraud in restaurants has had its fair share of attention. Over the years, restaurants have learned to identify, manage and/or prevent fraudulent purchases; but recently, the hospitality industry as a whole has found itself under attack from a new kind of fraud, Card Not Present (CNP) Fraud. And it’s on the rise.

A card not present transaction takes place when the cardholder is not present or does not physically present their credit card at the time of purchase. As a result, card not present transactions are a major route for credit card fraud because it is difficult for a merchant to verify that the actual cardholder is indeed the one authorizing the purchase.

Once only a problem for online retailers or those that sold over the phone, CNP fraud is becoming a larger issue for restaurants and the hospitality industry as a whole. Why you may ask?

As EMV reduces the risk of Card Present Fraud, fraudsters are forced to shift their efforts to other opportunities for deceit and with little to no authentication methods for online purchases, it’s a logical next target. This is a similar pattern we’ve seen globally as other regions have rolled out EMV.

Most restaurants tab totals, especially in the QSR space fall below the minimum purchase thresholds (typically $25) for authorizations. With low tab values, validation in-store is an issue as well. Where speed of service is key, putting any type of fraud detection in place is either pricey or counter-productive.

Growth in transaction volumes in e- and m-commerce channels is accelerating. More off-premise orders as online orders, mobile app orders and phone orders are increasing and in-restaurant diners are decreasing. Restauranteurs are going beyond the four walls of standard restaurants and exploring delivery, food trucks and off-site catering and in turn, increasing CNP transactions.

Open store sign
200 %
increase in credit card testing in Q1 2017 from 2016
Radia's eCommerce Fraud Technology Lab
7.2B $
in CNP fraud by 2020
Aite Group

So what’s a restaurateur to do?

Require a multifactor identity authentication: Implement a solution that requires two or more methods for authentication, which may include address verification services (AVS), requirement of a PIN or card security codes.

Deploy a multi-layered technology approach: Deploy a solution that uses both end-to-end encryption as well as tokenization making it more difficult for fraudsters to steal data for future use.

CHANGE YOUR PASSWORD! Make sure your devices and  solutions have the most up-to-date software patches, security updates and most of all, that you change your password frequently.

Review orders for red flags: Review orders to make sure the names/billing/shipping addresses match. There are also software solutions available that will match the proxy IP location with the billing location to identify any red flags. While not always practical in a restaurant environment, putting processes in place to spot check or trigger alerts may deter fraudsters.

Data from devices: Device locations, IP addresses and digital fingerprints are data that can be captured to compare against expected for one more additional layer of verification.

Projections show CNP fraud on the rise to 7.2 billion annually by 2020. Streamlining processes, following best practices and weighing investment against risk will help lead you to the right solution for your business and consumers.