Jan 8, 2021

Relying on multiple ways to accept payments has become essential during the COVID-19 pandemic. In particular, many businesses are running customer transactions remotely over the phone, internet, or email, all of which are considered payment type card-not-present transactions. This type of transaction traditionally is considered riskier than a card present transaction because it’s harder to verify the cardholder’s identity, increasing the likelihood of fraud. However, thanks to improvements in technology, security has drastically improved, and card-not-present transactions are not only easier to take, but also imperative during our current business environment—giving you the ability to sell your products or services outside your place of business. To help you protect yourself from fraud and keep your customers’ information safe, here are four tips for running card-not-present transactions.

1. Collecting data

When collecting customers' data, make sure you only collect the required information, including:

  • Their name as shown on the card
  • Card number
  • Card expiration date
  • Customer’s contact information

Input this information directly into your payment terminal rather than writing it down, so as to eliminate the risk of someone stealing the information from your place of business.

2. Authorizing payment

Modern cards all have a card security value, also known as CVV (Card Verification Value), CVC (Card Verification Code), CMID (Card Member ID), or CID (Card Identification Number). In short, these are 3- or 4-digit numbers printed on the back of the card to increase security. Their purpose is to increase the customer's probability of being in physical possession of their card during the authorization process for any transaction. When performing a cardholder-not-present transaction, it’s recommended that you request the card security value and enter it into your payment terminal along with the other cardholder information. However, take special care not to write down or store the card security value in any way, since storing the codes could result in fines.

3. Avoiding chargebacks

Chargebacks happen when customers dispute a charge, and they can be costly and time-consuming. There are multiple reasons why a chargeback could happen. One of the most common is for "Unauthorized Use," which happens when a customer claims their card was used without their permission in a customer-not-present transaction. Sometimes, it could indicate fraud, which is why it's to collect all the info mentioned in the previous recommendations. "Authorization Not Obtained" is another type of chargeback, which happens when a valid authorization was not obtained for a deposit. Proper exception handling by your processor can help eliminate this type of chargeback. Finally, the "Recurring Transactions" chargebacks happen when a consumer believes they have been billed after canceling a subscription or membership. Using explicit billing descriptors will help you avoid them.

Another way to reduce chargebacks is by improving your customer service. How? Be accessible. Ensure you are displaying your contact information and providing easily accessible support on your website, invoices, and receipts. State the terms and conditions of the sale or service clearly and in plain view. And, always process refunds as quickly as possible. Even in situations where customers are frustrated, responding, and acting right away to their requests and resolving their matters can help future sales potential.

4. Protecting yourself

Protecting yourself and your business is essential when it comes to taking card-not-present payments. Luckily, new payment technology is highly affordable and also helps reduce the likelihood of a data breach, whether you're using a full POS system, a stand-alone payment terminal, or a virtual terminal. The Payment Card Industry Data Security Standard (PCI) was specifically developed to safeguard cardholders' personal information while in the possession or use of merchants, payment processors, and other organizations.

If you are partnered with SpotOn, we help ensure your payment terminal is PCI compliant at no cost to you, and we see to it that our payment software and hardware both follow the latest PCI standards.


Not working with SpotOn yet? We do everything in the most transparent and upfront way possible, without long-term commitments, extra fees, or hidden charges.

Get a free demo today.

Share this post