Stopping Card Not Present (CNP) Fraud: A Growing Threat
What is a Card Not Present Transaction?
A Card Not Present (CNP) Transaction occurs when neither the credit card nor the cardholder are present. Common examples include Online Shopping, Phone orders, Card-on-file payments, Mail orders, Recurring payments, and online invoicing.
The Scale of the Problem
CNP fraud is projected to grow from $18 billion in 2024 to $49 billion, globally, by 2030.
Why CNP Fraud Persists
Card Not Present Fraud persists because the cardholder has no role other than disclosing the card information. Anybody with access to that information can pretend to be the authorized cardholder. In other words, there is no MultiFactor Authentication.
Current Solutions Fall Short
Attempts to solve this with SMS messaging of security tokens are not universal and add cost to the card issuing bank and to the merchant.
Introducing HMIDTags.com's Solution
HMIDTags provide a unique solution for card issuers to empower cardholders in the fight against CNP fraud.
How it Works
Banks issue credit cards with an EMV chip for secure in-store purchases. This card includes a static in-store CVC code. That is, the CVC code printed on the card doesn’t change from one store to the next - it stays the same.
For online purchases, customers also receive an HMID Tag encoded with a multiKey Identity Key. The cardholder uses their mobile device to scan the tagged identity key into their bank app, and activates it by entering a PIN.
Online Purchase Process:
1. Cardholders enter their credit card information at the merchant site as usual.
2. Instead of using the in-store static CVC code, the bank app generates an online Consent Verification Code (CVC) specific to the merchant site.
3. The cardholder opens the bank app, enters the merchant's website name, and receives the unique online CVC for that merchant.
4. The cardholder uses this online CVC at the merchant site, which can be saved for future purchases.
The Benefit
Even if the customer credit card information was hacked from a merchant’s website, the card data cannot be used elsewhere.
Security Features:
The online CVC code cryptographically links the bank, the customer, and the merchant.
This system does not rely on blockchain or tokens.
There are no SMS charges involved, ensuring a cost-effective solution.
This method provides simple, contactless, and connectionless security.
This enhanced security mechanism ensures that online purchases are secure and fraud-resistant, providing peace of mind to both customers and merchants.
We empower the customer with an issued HMID Tag linked to the Issuer's MultiKey enabled app. This solution enables the authorized cardholder to generate a per merchant, or per transaction dynamic MultiKey CVC.
The MultiKey CVC cryptographically links the bank, the customer, and the merchant. No blockchain, no tokens, and no SMS charges. Simple, contactless, connectionless security at its best.