If a card is not physically present when a customer makes a purchase, the merchant must rely on the cardholder, or someone purporting to be so, presenting card information indirectly, whether by mail, telephone or over the Internet.
Shipping companies may guarantee delivery of goods to a location, but they are normally not required to check identification and they are usually not involved in processing payments for the merchandise. A common preventive measure for merchants is to allow shipment only to an address approved by the cardholder, and merchant banking systems offer simple methods of verifying this information. Before this and similar countermeasures were introduced, mail order
carding was rampant as early as 1992. A
carder would obtain the credit card information for a local resident and then intercept delivery of the illegitimately purchased merchandise at the shipping address, often by staking out the porch of the residence. Small transactions generally undergo less scrutiny, and are less likely to be investigated by either the card issuer or the merchant. CNP merchants must take extra precaution against fraud exposure and associated losses, and they pay higher rates for the privilege of accepting cards. Fraudsters bet on the fact that many fraud prevention features are not used for small transactions. Merchant associations have developed some prevention measures, such as single-use card numbers, but these have not met with much success. Customers expect to be able to use their credit card without any hassles, and have little incentive to pursue additional security due to laws limiting customer liability in the event of fraud. Merchants can implement these prevention measures but risk losing business if the customer chooses not to use the measures. ==Fraud==