Running an online business is an exciting venture, but it comes with its own set of challenges – and let's be honest, the thought of fraudulent orders can be a bit of a worry. The good news? You're not alone in this, and a little vigilance goes a long way.
This article is designed to be your trusty guide, helping you learn how to spot common warning signs of a potentially fishy online order so you can protect your hard-earned sales.
What is card-not-present fraud (CNP fraud)?
Card-not-present (CNP) fraud occurs when a fraudster uses stolen card details (card number, expiry date and, often, the CVV) to pay for an online, phone or mail order. No physical card is involved. It is harder to stop than card-present fraud because you never see the card or the cardholder: there is no chip, PIN or signature to check, so you are relying entirely on the details the buyer types in and on the checks your processor runs against the issuing bank.
That is also why protecting the card data you do handle matters so much. For a business, this falls under PCI DSS (the Payment Card Industry Data Security Standard), which dictates how cardholder data may be transmitted and stored, and which data, such as the CVV, may never be stored after authorization.
How do fraudsters get payment information for card-not-present fraud?
Card-not-present fraud doesn’t require a stolen wallet, just stolen details. Most victims don’t even know they’ve been targeted. Since they still have their physical card, they don’t suspect anything’s wrong until they spot unauthorized charges on their statement.
Fraudsters often get stolen credit card information through data breaches, phishing attacks, or malware. And once they have a card number, expiry date, and sometimes even the CVV, they’re ready to strike, no physical card needed.
Small businesses are especially vulnerable to card testing: criminals run large batches of stolen card numbers through a checkout with weaker controls, usually as tiny purchases, to learn which cards are still live. Once a card works, they use it for bigger purchases elsewhere, and the store used for testing is left with a wave of declines and a handful of small disputed charges.
8 ways to spot and prevent card-not-present fraudulent transactions
Imagine yourself as a detective for your own business. When an order comes in, a quick scan for anything out of the ordinary can save you a lot of headaches down the road. Fraudsters often leave clues, and knowing what to look for is your best defense.
Sometimes, it's not just one thing but a combination of factors or a pattern that raises an eyebrow. These are some unusual order patterns to watch for:
- A flurry of declines: Has the same shipping address been used with multiple cards that were declined? Fraudsters often cycle through lists of stolen cards.
- Card juggling: Are there multiple orders, perhaps small, going to the same customer or shipping address but using different credit card numbers? This could be a sign someone is testing out cards.
- Too good to be true orders: Is the transaction size or the items purchased way out of character for your typical customer? For example, an order for one of every size and color of a particular shirt, or a massive quantity of an easily resold item, could be suspicious. Very large first-time orders should also get a second look.
- Shipping to risky spots: Have you had previous credit card chargebacks from a specific city or region? While you don't want to paint an entire area with the same brush, if you notice a pattern of fraudulent orders from a particular location, it's worth being extra cautious with new orders heading there.
- Mismatched addresses: Does the shipping address differ from the billing address? While there are legitimate reasons for this (like sending a gift), fraudsters often use the real cardholder's billing address but ship the goods to themselves. If they don't match, consider if the shipping address is at least in the same general area (city, state/province, or country) as the billing address, depending on your comfort level.
- Sloppy or incomplete info: While genuine customers can make typos, fraudsters are sometimes hasty or lack complete information. Look out for street addresses without numbers, postal or ZIP codes that don't match the city, or incomplete names.
- Phone number clues: Does the area code of the provided phone number match the billing or shipping address? A mismatch isn't always a dealbreaker, but it's another piece of the puzzle.
- Card's origin country: The first six digits of a card number (eight on newer cards) are the Bank Identification Number (BIN), which identifies the issuing bank and the country it operates in. Does that match the customer's stated location and shipping address? A card issued in one country, billed to a second and shipped to a third deserves a close look. If you're very unsure about a high-value transaction, raise it with your payment processor's support or risk team; an issuing bank's risk department will rarely discuss an account with a merchant directly.
Card-not-present fraud prevention checklists
Spotting card-not-present fraud doesn’t always require special software. Sometimes, it’s about knowing what to look for. Card-not-present transactions leave behind clues, and a quick review before you process an order can save you from chargebacks or lost inventory.
Use the checklists below to help you catch suspicious patterns and verify customer details before completing a sale.
Quick checklist: online order warning signs
- Multiple declined cards for one order/address?
- Different cards for the same customer/address?
- Unusually large or strange item selection?
- Is it a first-time buyer with a very large order?
- Shipping to a region with a history of credit card fraud for your store?
Quick checklist: customer info check
- Billing and shipping addresses match? (If not, is the shipping address plausible?)
- Name, address, and postal code complete and sensible?
- Phone area code consistent with the address?
- Card's issuing country aligns with the customer's location?
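The patterns above and the two checklists are easy to encode as rules that run over your recent checkout attempts, so the review happens before anyone looks at the order by hand. The Python below is an added example written for this article, not Helcim's code or any part of Fraud Defender; the order log, the chargeback region list and the thresholds (three cards or two declines per address, an order three times your median sale, a quantity of ten or more) are all constructed and should be tuned to your own store.

```python
from collections import defaultdict
from statistics import median

# Constructed checkout log, oldest first. Cards are identified by last four
# digits only; nothing here is a real customer, address or card.
ATTEMPTS = [
    {"id": 101, "email": "pat@example.com", "ship": "12 Elm St, Springfield", "card": "4242", "status": "approved", "amount": 48.00, "qty": 1},
    {"id": 102, "email": "pat@example.com", "ship": "12 Elm St, Springfield", "card": "4242", "status": "approved", "amount": 62.50, "qty": 2},
    {"id": 103, "email": "lee@example.com", "ship": "9 Oak Ave, Riverton", "card": "1881", "status": "approved", "amount": 55.00, "qty": 1},
    # Card testing: one drop address, a new card on every attempt, tiny amounts.
    {"id": 104, "email": "z1@example.net", "ship": "400 Depot Rd Unit 7, Harbor City", "card": "0001", "status": "declined", "amount": 1.00, "qty": 1},
    {"id": 105, "email": "z1@example.net", "ship": "400 Depot Rd Unit 7, Harbor City", "card": "0002", "status": "declined", "amount": 1.00, "qty": 1},
    {"id": 106, "email": "z1@example.net", "ship": "400 Depot Rd Unit 7, Harbor City", "card": "0003", "status": "declined", "amount": 1.00, "qty": 1},
    {"id": 107, "email": "z1@example.net", "ship": "400 Depot Rd Unit 7, Harbor City", "card": "0004", "status": "approved", "amount": 1.00, "qty": 1},
    {"id": 108, "email": "z2@example.net", "ship": "400 Depot Rd Unit 7, Harbor City", "card": "0005", "status": "approved", "amount": 2.00, "qty": 1},
    # First-time buyer, very large order, bulk quantity, region with past chargebacks.
    {"id": 109, "email": "new@example.org", "ship": "77 Pier Ln, Harbor City", "card": "7788", "status": "approved", "amount": 1499.00, "qty": 24},
]

# Regions where this store has already taken chargebacks (constructed).
CHARGEBACK_REGIONS = {"Harbor City"}


def region_of(ship: str) -> str:
    """Crude region key: the text after the last comma of the shipping address."""
    return ship.rsplit(",", 1)[-1].strip()


def review_orders(attempts, chargeback_regions, large_factor=3.0, bulk_qty=10,
                  min_cards=3, min_declines=2):
    """Return {order_id: [reasons]} for approved, not-yet-shipped orders that show
    one or more of the warning signs. `attempts` must be oldest first."""
    by_ship = defaultdict(list)
    for a in attempts:
        by_ship[a["ship"]].append(a)

    approved = [a["amount"] for a in attempts if a["status"] == "approved"]
    typical = median(approved) if approved else 0.0   # your normal sale size

    flagged = {}
    repeat_emails = set()   # emails with an earlier approved order
    for a in attempts:
        if a["status"] != "approved":
            continue        # declines are history, not orders to fulfil
        reasons = []
        same_ship = by_ship[a["ship"]]

        # A flurry of declines: several declined attempts on different cards here.
        declines = [x for x in same_ship if x["status"] == "declined"]
        if len(declines) >= min_declines and len({x["card"] for x in declines}) >= 2:
            reasons.append(f"{len(declines)} declines on different cards at this shipping address")

        # Card juggling: many distinct cards pointed at one address.
        cards_here = {x["card"] for x in same_ship}
        if len(cards_here) >= min_cards:
            reasons.append(f"{len(cards_here)} different cards used for this shipping address")

        # Too good to be true: first-time buyer far above normal, or a bulk quantity.
        if a["email"] not in repeat_emails and typical and a["amount"] >= large_factor * typical:
            reasons.append(f"first-time buyer, {a['amount']:.2f} vs typical {typical:.2f}")
        if a["qty"] >= bulk_qty:
            reasons.append(f"bulk quantity ({a['qty']}) of one item")

        # Shipping to risky spots: region with chargebacks on record.
        if region_of(a["ship"]) in chargeback_regions:
            reasons.append(f"ships to {region_of(a['ship'])}, which has prior chargebacks")

        repeat_emails.add(a["email"])
        if reasons:
            flagged[a["id"]] = reasons
    return flagged


if __name__ == "__main__":
    for order_id, reasons in review_orders(ATTEMPTS, CHARGEBACK_REGIONS).items():
        print(order_id, "->", "; ".join(reasons))
```

Run against the sample log, orders 107 and 108 are held because their shipping address has absorbed three declines on three different cards (five cards in total), and 109 is held as a first-time buyer ordering 24 units at roughly thirty times the store's median sale into a region with prior chargebacks. The two regular customers are not flagged, which is the point: a single signal such as a mismatched address should raise the score, not decide the outcome.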
How to avoid processing a card-not-present fraudulent transaction
A few best practices will help you avoid processing fraudulent online payments and protect both your business and your customers' card data.
1. Always ask for a CVV for keyed-in and online payments
You know that 3 or 4-digit code on the back of a credit card? That's the Card Verification Value (CVV, also known as CVV2, CVC2, or CID). It's a crucial security feature.
Always require your customers to provide the card's CVV or security code. Whether you're taking payments over the phone or selling products through your online store, requiring the CVV is a step you should take without exception.
Because merchants are not allowed to store CVV data, a fraudster who has stolen card details (like the number and expiry date) often won't have the CVV unless they have the physical card.
Rest assured, Helcim requires CVV for your online payments: Good news – if your customers are paying you through Helcim’s online payment tools, our system automatically requires them to enter their CVV. Because PCI rules prevent anyone (including you!) from storing the CVV, a correct CVV suggests the buyer has the card in hand rather than a copied card number. Treat it as a strong signal, not proof: a phishing page or checkout malware captures the CVV along with everything else, and what counts is the issuer's CVV match result on the authorization response, not merely that a code was typed in.
For keyed entries, ask but never store: If you're keying in a transaction for a customer (for example, in the Virtual Terminal), you should always ask for and enter the CVV. But, and this is a biggie, never write it down, store it in a file, or save it anywhere after the transaction is authorized. That’s a violation of payment card industry rules and a security risk.
What if a customer doesn't want to provide the CVV for a keyed transaction? If you're using the Helcim Virtual Terminal and a customer is hesitant to give you their CVV over the phone, you can send them an invoice instead! This way, they can enter their card details (including the CVV) themselves securely online.
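What "ask but never store" looks like in software: the CVV goes to the processor for authorization and is dropped before anything is written down, the card number is reduced to first six and last four (or replaced by the processor's token), and free-text notes are scrubbed in case someone typed the card into them. This Python is an added example, not Helcim or Virtual Terminal code; the field names, the sample order and the Luhn check used to tell card numbers apart from courier references are assumptions for illustration.

```python
import json
import re

# Constructed sample of a keyed-in (virtual terminal) order as it might arrive.
# 4111 1111 1111 1111 is a well-known test number, not a real card.
RAW_ORDER = {
    "order_id": "1000234567",
    "customer": "A. Example",
    "pan": "4111111111111111",
    "expiry": "12/29",
    "cvv": "123",
    "amount": 149.99,
    "notes": "Read card 4111 1111 1111 1111 cvv 123 over the phone; courier ref 1234567890123456",
}

# Sensitive authentication data: used for the authorization call, never persisted.
NEVER_STORE = {"cvv", "cvv2", "cvc", "cvc2", "cid", "security_code", "track_data", "pin"}

# 13 to 19 digits, optionally separated by spaces or dashes, not glued to other digits.
CARD_LIKE = re.compile(r"(?<!\d)(?:\d[ -]?){12,18}\d(?!\d)")
CVV_IN_TEXT = re.compile(r"(?i)\b(cvv2?|cvc2?|cid|security code)\s*:?\s*\d{3,4}")


def luhn_ok(digits: str) -> bool:
    """Luhn checksum, so courier references and order ids are not masked by mistake."""
    total, parity = 0, len(digits) % 2
    for i, ch in enumerate(digits):
        d = int(ch)
        if i % 2 == parity:
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0


def mask_pan(pan: str) -> str:
    """Keep at most the first six and last four digits, the PCI DSS display limit."""
    digits = re.sub(r"\D", "", pan)
    return digits[:6] + "*" * (len(digits) - 10) + digits[-4:]


def scrub_text(text: str) -> str:
    """Mask Luhn-valid card numbers and strip security codes typed into free text."""
    def mask_if_card(m):
        digits = re.sub(r"\D", "", m.group(0))
        return mask_pan(digits) if luhn_ok(digits) else m.group(0)

    return CVV_IN_TEXT.sub(r"\1 [removed]", CARD_LIKE.sub(mask_if_card, text))


def record_for_storage(order: dict) -> dict:
    """The only form of the order that may be written to disk or a log."""
    stored = {}
    for key, value in order.items():
        if key.lower() in NEVER_STORE:
            continue                                  # CVV is gone after the auth call
        if key.lower() == "pan":
            stored["pan_masked"] = mask_pan(value)    # or the processor's vault token
            continue
        stored[key] = scrub_text(value) if isinstance(value, str) else value
    return stored


def contains_card_data(record: dict) -> bool:
    """Pre-write guard: True if a CVV field or a full PAN is still present anywhere."""
    for key, value in record.items():
        if key.lower() in NEVER_STORE:
            return True
        if isinstance(value, str):
            for m in CARD_LIKE.finditer(value):
                if luhn_ok(re.sub(r"\D", "", m.group(0))):
                    return True
    return False


if __name__ == "__main__":
    safe = record_for_storage(RAW_ORDER)
    assert not contains_card_data(safe)
    print(json.dumps(safe, indent=2))
```

The guard at the end is the part worth copying: put `contains_card_data` in front of every write to your order database, support ticket system and application log, because the common way CVVs end up "written down" is not a sticky note but a debug log that dumps the whole request.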
2. Implement Address Verification Service (AVS) for online purchases
AVS or Address Verification Service is another handy tool in your fraud-fighting arsenal. When a customer makes a purchase, AVS checks if the street number and postal/ZIP code they entered match the billing address on file with their card-issuing bank.
It doesn't give a straight "yes" or "no" to the transaction, but it provides response codes that tell you how well the addresses matched. This can either give you confidence in the transaction or raise a flag.
For example, an exact match is great, while a complete non-match is something to look into.
- We've got a whole article dedicated to these codes: Decoding AVS response codes for safer transactions.
- If you're using Helcim Fraud Defender, you can even set it to automatically void transactions based on certain AVS responses.
3. Verify and collect the person's payment information
Make sure the cardholder’s information is accurate and complete. It’s not just about processing the payment, it’s your backup if the transaction gets flagged for fraud or chargeback later.
It's smart to be collecting important cardholder information including:
- Billing and shipping addresses
- Payment date and payment total
- Any other info that could help verify the transaction
Being able to produce this information quickly and accurately matters if you ever have to dispute a chargeback: it is the evidence your processor will ask for, and without it you absorb both the lost sale and the chargeback fee.
4. Stay up-to-date on PCI and credit card company best practices
Meeting PCI DSS requirements is one of the most important ways to protect your business from card-not-present fraud. It ensures the payment information you collect is handled and stored securely, and it can shield you from fines and penalties if you suffer a data breach.
One PCI best practice is tokenization: instead of holding card numbers yourself, keep them in your processor's secure card vault and store only the token it hands back. A token is useless outside that vault, so if your own systems are breached the attacker gets tokens rather than card numbers to sell or reuse, and you have far less PCI scope to defend.
The card brands, like Visa and Mastercard, have also put together best practices for merchants who are new to credit card processing and are looking for additional guidance on how to best handle card-not-present transactions. Visa and Mastercard offer helpful tips to prevent card-not-present fraud including:
- Using tools like Verified by Visa (the 3-D Secure program, now branded Visa Secure; Mastercard's equivalent is Mastercard Identity Check), which asks the cardholder's own bank to authenticate them at checkout
- Keeping a history of your customers’ previous purchases
- Tracking past problem shipping addresses
- Watching for irregularities in buying behavior
What to do if you suspect an online order is fraudulent?
If your spidey senses are tingling about an order, it's okay to pause and investigate.
- Don't ship yet: Hold off on fulfilling the order.
- Review the red flags: Go through the checklists above. How many potential issues do you see?
- Consider a confirmation call: A quick, friendly call to confirm the order details can clear things up, or make it obvious it's a fraud attempt if the person is evasive or hostile. Remember that the phone number on the order was supplied by whoever placed it: a smooth answer is not proof of legitimacy, and an unreachable or disconnected number is another red flag.
- Trust your gut: If an order feels too risky after your review, you can choose to void or refund the transaction and notify the customer you won't be proceeding. It's better to lose one sale than to lose merchandise and get hit with a chargeback fee.
- Use your tools: Make sure Helcim Fraud Defender is active and configured to your preferences.
What are common mistakes that could lead to card-not-present fraud?
If you're accepting card-not-present transactions, there are still guidelines for how you should be collecting the payment information from customers.
1. Never ask customers to send payment information over email or text
While it is okay to ask for credit card information over the phone, you should not ask customers to send information over email or through text messages. Email and text communications are not secure, and the information may accidentally end up in the wrong hands.
2. Never write down or improperly store card details
Never write down or improperly store your customers' payment information. If you sell products or services that need recurring payments, keep the card in your payment processor's card vault and charge the token it gives you, and let customers enter their details themselves on a secure online payment page. PCI DSS forbids storing the CVV after authorization, on paper or electronically, and that applies to merchants just as much as to processors.
3. When in doubt, don’t process the payment
If a transaction raises red flags that suggest it may be fraudulent, the best practice is not to fulfil it: void the authorization (or refund it if it has already settled) and forfeit the sale. Going against your better judgment and shipping an order that may be fraudulent is not worth the lost goods and chargeback fees if it does turn out to be fraud.
4. Choose card-present whenever you can
If the customer is present, always process the transaction as card-present using a terminal or payment device. However, if it is not possible, then by following these guidelines you can help protect your business and your customers' payment information.
How to use technology to prevent payment fraud
By following the best practices outlined in this blog post, you can protect your business and your customers from data breaches, chargebacks, and other financial crimes.
Helcim Fraud Defender is built to help you spot risky transactions before they cost you. It automatically evaluates key data points to determine a transaction’s risk level, so you can make safer decisions.
- CVV security code: Checks the issuer's response to the 3- or 4-digit CVV the customer entered. A missing or non-matching code can signal card fraud.
- Address Verification Service (AVS): Checks if the street number and postal/ZIP code match the billing address on file with the bank.
- Transaction size: Compares the current order to your average sale. A big jump might be a red flag.
- Billing and shipping match: Verifies whether the addresses align. Mismatches can point to stolen card use.
- Shipping location: Ensures the shipping address is in the same country as the billing address.
- Bank Identification Number (BIN): Uses the first six digits of the card (eight on newer cards) to check whether the issuing bank is in the same country as the billing address.
- IP address location: Looks at where the customer is connecting from and compares it to the billing location.
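As an illustration of how those signals combine, here is an added Python example that scores a transaction from the same seven inputs and maps the score to approve, review or void. It is not Fraud Defender's logic or weights; the points, the thresholds, the small BIN table standing in for a lookup service and the sample transactions are all constructed. The AVS codes used (Y, A, Z, N, U) are the common ones, but confirm the set your processor returns.

```python
# Common AVS result codes. Check the exact set your processor returns.
AVS_MEANING = {
    "Y": "street and postal code match",
    "A": "street matches, postal code does not",
    "Z": "postal code matches, street does not",
    "N": "neither matches",
    "U": "issuer could not verify",
}
AVS_POINTS = {"Y": 0, "A": 15, "Z": 15, "N": 35}   # anything else scores 10

# Constructed stand-in for a BIN lookup service: BIN -> issuing country.
BIN_COUNTRY = {"411111": "US", "555555": "CA", "400000": "GB"}


def score_transaction(tx: dict, avg_sale: float) -> tuple:
    """Add up risk points from the signals listed above. Returns (score, reasons).
    The weights are illustrative, not any vendor's."""
    score, why = 0, []

    cvv = tx.get("cvv_result")          # issuer's CVV response: M match, N no match
    if cvv == "N":
        score += 40
        why.append("CVV did not match")
    elif cvv != "M":
        score += 15
        why.append(f"CVV not verified (result {cvv})")

    avs = tx.get("avs_code", "U")
    pts = AVS_POINTS.get(avs, 10)
    if pts:
        score += pts
        why.append(f"AVS {avs}: {AVS_MEANING.get(avs, 'unrecognised code')}")

    if avg_sale and tx["amount"] > 3 * avg_sale:
        score += 20
        why.append(f"amount {tx['amount']:.2f} is over 3x the average sale {avg_sale:.2f}")

    bill, ship = tx["billing"], tx["shipping"]
    if bill["country"] != ship["country"]:
        score += 25
        why.append("shipping country differs from billing country")
    elif (bill["street"], bill["postal"]) != (ship["street"], ship["postal"]):
        score += 10
        why.append("shipping address differs from billing address")

    issued_in = BIN_COUNTRY.get(tx["card_bin"])
    if issued_in is None:
        score += 5
        why.append("BIN not found in lookup")
    elif issued_in != bill["country"]:
        score += 20
        why.append(f"card issued in {issued_in}, billing address in {bill['country']}")

    ip_country = tx.get("ip_country")
    if ip_country and ip_country != bill["country"]:
        score += 15
        why.append(f"connected from {ip_country}, billing address in {bill['country']}")

    return score, why


def decide(score: int, review_at: int = 30, void_at: int = 60) -> str:
    """Map a score to an action; tune the thresholds to your own chargeback history."""
    if score >= void_at:
        return "void"
    if score >= review_at:
        return "review"
    return "approve"


# Constructed transactions (no real people, cards or addresses).
CA_HOME = {"street": "12 Elm St", "postal": "K1A 0B1", "country": "CA"}
CA_GIFT = {"street": "9 Oak Ave", "postal": "K2P 1L4", "country": "CA"}
US_DROP = {"street": "400 Depot Rd", "postal": "10001", "country": "US"}

CLEAN = {"amount": 80.0, "cvv_result": "M", "avs_code": "Y", "billing": CA_HOME, "shipping": CA_HOME, "card_bin": "555555", "ip_country": "CA"}
GIFT = {"amount": 95.0, "cvv_result": "M", "avs_code": "Y", "billing": CA_HOME, "shipping": CA_GIFT, "card_bin": "555555", "ip_country": "CA"}
MEDIUM = {"amount": 250.0, "cvv_result": "M", "avs_code": "Z", "billing": CA_HOME, "shipping": CA_GIFT, "card_bin": "555555", "ip_country": "CA"}
RISKY = {"amount": 1200.0, "cvv_result": "M", "avs_code": "N", "billing": CA_HOME, "shipping": US_DROP, "card_bin": "411111", "ip_country": "DE"}

AVG_SALE = 60.0

if __name__ == "__main__":
    for name, tx in [("clean", CLEAN), ("gift", GIFT), ("medium", MEDIUM), ("risky", RISKY)]:
        score, why = score_transaction(tx, AVG_SALE)
        print(f"{name}: {score} -> {decide(score)}; " + "; ".join(why))
```

The gift order scores 10 and is approved, which matches the FAQ below: a billing/shipping mismatch on its own is weak evidence. The medium order combines a partial AVS match, a mismatched address and an unusually large amount and lands in manual review, while the risky one (no AVS match, foreign shipping address, card issued in a third country, IP in a fourth) is voided outright.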
FAQs
What if a customer refuses to provide their CVV for an online order?
If your online checkout requires the CVV (as it should), the transaction typically won't proceed without it. This is a standard security measure that protects both you and the cardholder.
Should I always decline orders where the billing and shipping addresses don't match?
Not necessarily. There are many legitimate reasons for a mismatch (e.g. gifts, student away at college, paying with a business card but shipping to a home). However, it's a factor to consider, especially if other red flags are present. Use your judgment and the other tips in this article.
How do I perform a BIN lookup?
You can use online BIN lookup tools. Just search for "credit card BIN lookup." These tools report the issuing bank, card type and country of origin from the first six to eight digits of the card number; never paste a customer's full card number into one.
Is it always risky to ship to a PO Box?
Not always, especially in rural areas where PO Boxes are common. However, for high-value items or in urban areas, shipping to a PO Box can sometimes be riskier as it's harder to verify who will actually pick up the package. Consider the value of the order and other risk factors.