Differences in transaction types impact your authorisation rates and fraud exposure
UK issuers recorded £572.6 million in card fraud last year, with seven in ten pounds lost through card-not-present purchases—an 11% jump from 2023. If you manage payment operations, those figures translate directly to higher chargebacks, lower authorisation rates and frustrated customers.
Your card-present transactions (in-store, physical card interactions) and card-not-present transactions (online, phone or mail orders) each create distinct authorisation patterns, fraud exposures and operational requirements.
In this article, we’ll explain the differences between these transaction types and key considerations for both.
What’s the Difference Between Card-Present and Card-Not-Present Transactions?
Authentication Requirements and Customer Verification
Since card-present transactions are physical, your customers’ chip communicates directly with your terminal. They enter a PIN or tap for contactless payments and you can verify ID if needed. However, card-not-present transactions are online; they rely on data verification—CVV numbers, Address Verification and tools like 3D Secure.
Each security layer in your card-not-present processing protects you from fraud but can push shoppers to abandon their carts. The stronger authentication available in card-present transactions is why card networks shift counterfeit-fraud liability to issuers for in-store purchases.
Regional requirements affect both channels—Europe mandates multi-factor authentication for many card-not-present payments, while the same customer could check out without additional verification steps in LATAM.
Fraud Risk and Financial Liability
Card-present transactions show lower fraud rates. Physical presence cuts losses to around 0.06% of turnover, while card-not-present fraud hits about 0.93%—fifteen times higher. On $5 million in annual volume, that difference represents nearly $43,000 in additional exposure from your online channels.
Liability follows the risk profile: process card-present transactions through EMV terminals and issuers absorb most disputes. For card-not-present processing, chargebacks typically hit your account first—unless you use 3D Secure authentication.
When customers successfully complete 3DS verification, liability for fraudulent transactions shifts to the card issuer, similar to EMV protection. This means your digital payment operations need stronger evidence collection and larger dispute resolution budgets, or 3DS implementation to transfer liability.
Authorisation Rates and Transaction Success
Banks approve card-present transactions more readily because chip data provides verified cardholder presence. Card-not-present transactions face additional scrutiny and higher decline rates as issuers flag potential fraud—each false decline wastes your customer acquisition investment.
Your card-present success rates improve with certified terminals and current firmware. Card-not-present authorisation rates benefit from local acquiring.
Regulatory Compliance and Market Requirements
Both card-present and card-not-present processing require PCI DSS compliance, but scope differs significantly. Card-present compliance focuses on terminal security and internal networks. Card-not-present processing brings every web form, hosted page and API connection into scope, multiplying audit requirements.
Europe’s PSD2 mandates Strong Customer Authentication for card-not-present transactions, adding checkout steps that card-present chip and PIN already satisfy.
The upcoming PSD3 strengthens reporting across both channels, making current documentation essential for continued market access.
Customer Experience and Conversion Impact
Card-present payments offer streamlined experiences: just tap. Card-not-present processing requires customers to input card numbers, addresses, security codes and potentially multi-factor authentication.
Here’s a table that shows how these trade-offs shape your customer journey:
| Factor | Card-Present | Card-Not-Present |
| Fraud Risk | Low (physical verification) | High (remote verification) |
| Merchant Liability | Lower (liability shift with EMV) | Lower with 3DS (liability shifts to issuer), Higher without 3DS (merchant responsible) |
| Customer Authentication | Chip/PIN, contactless, signature | CVV, 3DS, OTP verification |
| Market Reach | Limited to physical locations | Global, 24/7 accessibility |
| Compliance Complexity | Lower PCI scope | Higher regulatory requirements |
| Operational Costs | High (terminals, staff, location) | Lower (digital infrastructure) |
A Deep-Dive into Card-Present Transactions
Card-present transactions are in-person physical transactions that occur when a customer’s card interacts directly with your terminal—through chip insertion, swipe or contactless tap. With both card and cardholder physically present, payment networks consider these lower risk.
You benefit from higher authorisation rates, better fraud control and lower fees. Understanding how each technical component works helps you speed up checkout and protect your profits.
How Card-Present Transactions Work
A customer approaches your counter and inserts, taps or swipes their card. Your terminal instantly encrypts the chip or stripe data and sends it to your acquirer, who forwards the request through the card network to the issuing bank.
The issuer checks the card status, available balance and fraud indicators before sending back an approval or decline in milliseconds.
Multiple security measures are activated during this quick process. The EMV chip creates dynamic cryptograms that stop counterfeit attempts. A PIN or signature confirms the customer’s identity. For contactless payments, near-field communication adds another encryption layer.
Since the card is physically present, banks rarely need extra verification. Approval rates stay high and chargebacks remain uncommon. In busy settings like grocery stores, restaurants or transit systems, this reliability keeps lines moving and customers happy.
Mobile wallets like Apple Pay or Google Pay function the same way at your terminal—the phone acts as the card and sends tokenised EMV credentials without changing the basic process.
Pros and Cons of Card-Present Transactions
Card-present transactions give you the strongest fraud protection available in payment processing:
- Higher authorisation rates reduce lost sales from declined transactions
- Lower fraud rates
- Reduced chargeback liability through EMV liability shift protection
- Immediate payment confirmation improves cash flow management
- Customer trust increases through face-to-face interaction
- Simplified dispute resolution when fraud does occur
However, there are downsides to consider as well:
- Physical infrastructure costs, including terminals and maintenance
- Geographical limitations restrict your market reach
- Staffing requirements increase operational overhead
- Limited operating hours reduce revenue opportunities
- Reduced payment method diversity may exclude customers
- Higher setup costs for multi-location expansion
Exploring Card-Not-Present Transactions
Card-not-present transactions are remote transactions that happen when neither the cardholder nor their card is physically with you—think website checkouts, app purchases, phone orders or recurring subscriptions.
This payment method lets you sell across borders, operate 24/7 and bill customers after they’ve left your shop. The distance between you and the buyer changes risk profiles, compliance requirements and fee structures in ways that directly impact your profits.
How Card-Not-Present Transactions Work
Card-not-present transactions start with collecting data. Your checkout form or payment link collects the card number, expiry date and CVV, which are typically tokenised when they reach the gateway.
The gateway sends this data via API to your acquirer, who routes it through card networks for authorisation. Without physical card verification, extra security measures kick in: CVV and Address Verification checks, sometimes followed by 3D Secure.
Behind the scenes, fraud detection systems evaluate each transaction. These systems block high-risk attempts before they impact your revenue.
While you don’t need card readers, you still need an online checkout, payment gateway and merchant account. Once these systems are in place, you can accept payments anytime from virtually anywhere.
Remote payments go beyond websites. In-app purchases, invoice links for B2B services, stored card billing for memberships and call-center orders all follow similar workflows.
Pros and Cons of Card-Not-Present Transactions
- Global market access expands your customer base significantly
- 24/7 transaction processing captures more sales opportunities
- Lower operational costs through digital infrastructure
- Diverse payment method support increases conversion rates
- Rapid market expansion without physical presence requirements
- Scalable operations that grow with your business
The cons and downsides?
- Higher fraud rates demand sophisticated prevention systems
- Increased chargeback risks affect revenue and processor relationships
- Complex authentication requirements may reduce conversion rates
- Customer verification friction can cause abandoned transactions
- Technical integration may require development resources
How to Combat Fraud for Card-Present and Card-Not-Present Transactions
Stop Card-Present Fraud Through Terminal Security
Card-present fraud typically involves counterfeit cards, skimming devices or stolen payment credentials used at your physical locations. Many merchants underestimate how quickly criminals can compromise terminals or exploit undertrained staff who don’t recognise suspicious behaviour patterns.
You should use EMV-compliant terminals with end-to-end encryption and regular security updates. Train staff to spot unusual customer behaviour, verify signatures on high-value purchases and escalate suspicious transactions immediately.
Additionally, work with acquirers that leverage tokenisation for stored payment data. Modern providers possess direct acquiring relationships across multiple regions, like Rapyd’s licenses in the UK, Europe, Israel, Singapore, and LATAM with built-in fraud monitoring that flags suspicious card-present patterns before they impact your business.
Combat Card-Not-Present Fraud With Layered Digital Verification
Card-not-present transactions face account takeover attempts, card testing attacks and synthetic identity fraud that exploit your digital payment flows. Traditional CVV and postcode checks often miss sophisticated fraud while creating friction for legitimate customers.
An effective solution is to deploy multi-layered verification that includes3D Secure and shifts liability to the issuer. authentication.
You should also monitor for unusual purchase patterns, shipping address mismatches and rapid-fire transaction attempts. Leverage modern platforms that have a global fraud prevention system and provide cross-channel fraud intelligence that protects your card-not-present payments.
Prevent Friendly Fraud Through Transaction Documentation
Friendly fraud—legitimate transactions disputed by cardholders—affects both channels but particularly damages card-not-present operations where you lack physical signatures or PIN verification. Many merchants lose these disputes because they can’t provide sufficient transaction evidence.
Maintain detailed transaction records including IP addresses, shipping confirmations and customer communication logs. Send clear purchase confirmations with recognisable merchant descriptors and provide easy refund processes to reduce dispute rates.
You should use address verification, signature requirements for high-value card-present sales and comprehensive checkout data capture for card-not-present transactions..