In this post, we will review the Card Present(CP) transaction.
Let us say you have a credit card issued from your bank, and you go to your favorite grocery store. After you finish shopping, you pull up and insert your credit card in the Point of Sale(POS) terminal -Congratulations, You just finished a CP transaction.
In simple terms, whenever a "Merchant" can read the electronic information from your card directly at the time of purchase, it is termed as Card Present(CP) transaction.
You may wonder if the digital wallet that you used in your last coffee shop run is a Card Present (CP ) transaction - The answer is YES.
Your card can be physical or digital as long as the merchant can read the electronic card information directly from you; it becomes Card Present(CP) transaction.
Here are some examples of CP transaction - an old school credit card machine at checkout, a fancy POS(point of sale) terminal, a contactless-enabled terminal ( say NFC), Merchant card readers connected to their smartphones.
Also note, if the merchant takes your credit card and manually enters the credit card number, expiration, and CVV(Card Verification Value) numbers, then the purchase is not considered a CP transaction.
OK, this is great, but why do we need to make such a distinction?
Like everything in life and business, it is all about risk management.CP transactions usually involve mostly in-person transactions. The chances that a fraudster would attempt such a trade (i.e., in-person) with a stolen card will be lesser than doing a phone or website based purchase.
Merchants have more chargeback protection(more on chargebacks in another post, for now, chargebacks are customers reporting the fraudulent transaction on their credit card to their bank ). Merchants can provide detailed transactions and additional evidence,such as security camera footage, to reduce their liability to pay on chargebacks. In such cases, the issuer bank(i.e., the bank that issued the credit card to the customer) will pay for the fraud charges.
All transactions that are not CP are Card Not Present(CNP)
So, how does CP transactions work?
step 1 customer completes the purchase instore and goes to the cashier at the checkout .
step2:Customer either inserts a EMVCo card or uses the digital wallet with NFC with a POS device
step 3: Merchant's POS device will contact the credit card processor to complete the transaction.
What are the common methods to protect against CP fraud?
As consumers,(a) the moment you release you have lost your credit card, call your credit card issuing bank to block current credit card and request the bank to give a new card.
(b) monitor your credit card statements regularly and signup for any free alerting services provided by your bank and call your bank to block the credit card the moment you notice a fraudulent transaction.
Credit networks and Banks provide best practices for merchants. Some of the common ones for merchants.
(a) use EMV/EMVCo chip reader this will reduce the liability on the merchants
(b) Merchants can request for additional ID verification from customers during checkout.
(c) Merchant must train their cashiers at checkout to notice and report on anomaly behaviors (making multiple same day small purchases, distracting at checkout, etc.)
(d) Monitor POS device for any abnormalities (missing screws, loose wires, etc.)