- Card not present transaction
A card not present transaction (CNP) is a credit card purchase made over the telephone or over the Internet where the physical card has not been swiped into a reader. It is a major route for credit card fraud. If a fraudulent transaction is reported, the bank that hosted the merchant account that received the money from the fraudulent transaction must make restitution. Whereas in a swiped transaction the bank that issued the credit card is liable for restitution.
The Federal Trade Commission uncovered an operation running from 2006 to 2010 that netted more than $10 million in bogus charges on credit and debit cards. The perpetrators used more than 100 phony merchant accounts that they had created to do the billing.
Each merchant account was tied to an 800 number from CallMe800. Each account was also tied to a web site they had created. They also rented physical addresses from Regus, which rents virtual offices, for each merchant accounts. Regus would forward the snail mail to Earth Class Mail, a digital mailroom service that scanned snail mail from the physical address of the merchant account and forwarded it as a PDF to email accounts that they had set up. They made sure that when they checked their online merchant accounts, that they used an IP address located near the billing address so as not to arouse suspicion.
A charge of $9 was transacted on about one million credit cards over the 4 year period. Each card billed a single time. Credit card companies only investigate if the charge is more than $10, since it costs that much to run an investigation. Then the money was moved to bank accounts in Lithuania, Estonia, Latvia, Bulgaria, Cyprus and Kyrgyzstan where the money could not be traced or recovered. The perpetrators experimented with a 20 cent charge and that generated more suspicion than the $9 charge. Only about 10 percent of the fraudulent charges were ever reported or contested by the card owner that was billed.
- ^ a b c d Stross, Randall (August 21, 2010). "$9 Here, 20 Cents There and a Credit-Card Lawsuit". New York Times. http://www.nytimes.com/2010/08/22/business/22digi.html?_r=1&src=me&ref=business. Retrieved 2010-08-24. "If a credit card is physically swiped in the transaction, the bank that issued the card is on the hook for fraudulent charges. If it is a phone or Internet purchase — called a card-not-present transaction — the bank that hosted the merchant account that received the ill-gotten charges must make restitution, said Ms. Litan, the Gartner analyst."
- ^ a b c d e f g "FTC Says Scammers Stole Millions, Using Virtual Companies". PCWorld. June 27, 2010. http://www.pcworld.com/businesscenter/article/199952/ftc_says_scammers_stole_millions_using_virtual_companies.html. Retrieved 2010-08-25. "The scammers stayed under the radar by charging very small amounts -- typically between $0.25 and $9 per card -- and by setting up more than 100 bogus companies to process the transactions. ... According to the FTC, the fraudsters charged 1.35 million credit cards a total of $9.5 million, but only 78,724 of these fake charges were ever noticed."
- ^ a b "FTC Cracks Down On Micropayment Credit Card Scam". CRN. June 28, 1010. http://www.crn.com/news/security/225701708/ftc-cracks-down-on-micropayment-credit-card-scam.htm. Retrieved 2010-08-25. "Altogether, the thieves charged a total of $9.5 million from a total of 1.35 million compromised cards over a period of four years starting in 2006. However, only about 10 percent of the fraudulent charges were ever reported or contested, according to the FTC."
Credit, charge, and debit cards Major credit cards Major debit cards Charge cards Regional cards Defunct cards Accounts Interest Payment Technology Security/crime
Wikimedia Foundation. 2010.