A card-not-present (CNP) transaction is a purchase made remotely, without processing a physical card via a card reader or terminal and without manually entering a PIN. Unlike card-present (CP) transactions, CNP transactions don’t require point-of-sale (POS) equipment. While CP transactions involve a swipe, chip insert, or tap of a card, CNP transactions generally require customers to manually input their card number at checkout. An increasingly popular purchasing method, CNP transactions accounted for 47% of debit spending in 2025, so it’s important that merchants who sell online understand how to accept them securely.

We’ll cover the different types of CNP transactions, why they might present a fraud risk, and how to accept them securely.

What’s in this article?

• What is a CNP transaction?
  
• Why CNP transactions are a fraud risk
  
• How to accept CNP transactions securely
  
• CNP transaction processing fees and costs
  
• How Stripe Payments can help
  

What is a CNP transaction?

To be considered a CNP transaction, neither the credit card nor the cardholder can be present during payment.

Many common purchases are considered CNP transactions, including:

• Online shopping: A customer buys goods or services through a website or payment link by entering their card details and billing address. Orders can be shipped to the customer’s address of choice or picked up in store.

• Phone orders: A customer makes a purchase over the phone by giving their card details and billing information to a salesperson who processes the charge. (Mail order/telephone order payments are known as MOTO payments.)

• Card-on-file payments: A customer pays for a purchase using a payment method that they previously submitted to the merchant and approved for future use.

• Mail orders: This type of MOTO payment occurs when a customer buys goods or services through the mail by filling in their billing information on a physical order form and sending it to the merchant. Historically, customers placed mail orders through a store catalog.

• Recurring payments: These are automatic payments deducted from a customer’s credit card or bank account at agreed-upon intervals for goods and services purchased as part of a subscription. When the customer makes the initial payment, their billing information is stored in the merchant’s system and used for each subsequent payment.

• Online invoices: A customer uses an online payment system to pay an invoice from a business. These can be paid using either stored or new payment methods, including credit and debit cards, bank transfers, and digital wallets.

Why CNP transactions are a fraud risk

Since CNP transactions are processed without the customer or the credit card physically present for verification, this opens a window of opportunity for fraud. Many CNP transactions go through with no problems, but how they are processed does create some inherent risk that requires diligence. By 2030, global CNP fraud is expected to reach $49 billion. CNP fraud happens when a cardholder’s billing information is compromised and obtained by an unauthorized individual who uses it to make purchases. The person committing the fraud steals the cardholder’s payment credentials, such as card number, CVC/CVV code, and expiration date, and uses the information to make purchases.

CNP fraud affects the customer and causes the business to lose revenue, since fraudulent charges often result in chargebacks. In many cases of CNP fraud, the merchant, rather than the consumer, takes liability for and financial loss due to fraudulent CNP transactions and chargebacks.

When a customer notices a fraudulent transaction on their card, they may choose to dispute the payment with the issuing bank and request a refund. This means the business has lost the value of the sale and provided a free product or service to the fraudulent actor. The merchant may also need to pay a fee if they incur too many chargebacks. For businesses that have a higher risk of card fraud, Stripe offers additional chargeback protection.

How to accept CNP transactions securely

Because of the many issues caused by CNP fraud, it’s important for businesses to build the most secure payment process possible.

Here are a few CNP fraud prevention best practices to keep in mind for different payment methods:

Online payments

On your online checkout page, capture as much accurate customer information as possible, such as card type, account number, expiry date, and CVC. Requiring additional information helps ensure that the customer has the physical card in their possession, which means it is more likely they are the legitimate cardholder. It also helps to establish an address verification system (AVS), which asks your customer to verify their billing address and postal code during a transaction since most fraudulent actors won’t have access to this information.

Another valuable tool to use during checkout is 3D Secure, an authentication protocol designed to add an extra verification layer to CNP transactions. During a 3D Secure CNP transaction, your business’s server submits a request to the card issuer to authenticate the consumer. The issuer then prompts the consumer to provide additional information, such as two-factor verification, a password, or biometric verification. If the consumer responds correctly, the issuer then confirms to the merchant that the consumer is verified so the transaction can continue.

Radar for Fraud Teams, a suite of tools integrated with Stripe, is a powerful option that helps business owners tackle fraud. The platform’s machine learning system analyzes vast sets of data from customer transactions—such as geolocated IP addresses and checkout times—to gain insights about potential fraudulent users. You can set a list of criteria, using a combination of your own fraud data and Stripe’s behavioral information, to block suspicious transactions and perform manual reviews. By approving these filtered transactions yourself, you are better equipped to detect and stop fraudulent activity.

Stripe’s checkout page enables you to capture all the necessary billing information during a transaction. It significantly speeds up and simplifies the checkout process for the customer, thanks to smart features such as address look-up, real-time card validation, and credit card issuer recognition.

Rules is another Radar feature that can help fight fraud. It allows you to set up filters with your own criteria, so payments that meet specific high-risk criteria (for example, the payment comes from a geographic location where fraudulent charges are frequent) can be automatically blocked.

Over the phone

If you are taking an order over the phone, it’s important to secure the information you receive from the customer in compliance with PCI requirements. If you’re a Stripe customer, you can manually enter a charge with information received over the phone via the Dashboard.

In person and manual entry

For in-person transactions, businesses can put in place additional identity verifications to mitigate the risk of fraud, such as asking for a photo ID. Business owners should also use encryption services to protect all stored card data.

CNP transaction processing fees and costs

While merchants are charged a fee for every successful credit card transaction, CNP processing fees are generally higher than those for transactions with physical cards, since they carry additional risk. The fees vary based on industry and the payment processor’s markup. In general, the fees and costs follow the formula below:

Percentage of Transaction + Fixed Cost per Transaction

For US-based Stripe customers, read our pricing guide to learn about your market’s fees and included features.

How Stripe Payments can help

Stripe Payments enables businesses to set up and accept 125+ payment methods, including ACH Credit Transfers. It provides a unified, global payments solution that helps any business—from scaling startups to global enterprises—accept payments online, in person, and around the world.

Stripe Payments can help you:

• Reconcile payments automatically: Easily reconcile ACH Credit Transfers to a specific payment or invoice with an automatic reconciliation engine that uses virtual bank accounts for each customer and tools for troubleshooting.

• Simplify refunds: Make refunds or return excess funds to the customer.

• Optimize your checkout experience: Create a frictionless customer experience and save thousands of engineering hours with prebuilt payment UIs and Link, Stripe’s digital wallet.

• Expand to new markets faster: Reach customers worldwide and reduce the complexity and cost of multicurrency management with cross-border payment options, available in 195 countries across 135+ currencies.

• Unify payments in person and online: Build a unified commerce experience across online and in-person channels to personalize interactions, reward loyalty, and grow revenue.

• Improve payments performance: Increase revenue with a range of customizable, easy-to-configure payment tools, including no-code fraud protection and advanced capabilities to improve authorization rates.

• Move faster with a flexible, reliable platform for growth: Build on a platform designed to scale with you, with 99.999% historical uptime and industry-leading reliability.

Learn more about how Stripe Payments can power your online and in-person payments, or get started today.