Every merchant accepts risk, cost and customer expectation as part of taking payments. What changes, often quite dramatically, is how those factors behave when the card is physically in front of you compared with when the payment happens remotely.
That is why the distinction between card-present and card-not-present transactions matters so much. It is not only a technical label used by payment providers. It shapes approval rates, fraud exposure, chargebacks, checkout design, equipment choices and margins. For a business selling in store, online, over the phone, or across all three, this is one of the most practical payment decisions to get right.
Two ways a card payment happens
A card-present payment happens when the customer is physically at the point of sale with the card or device being used to pay. The transaction is completed through a terminal or reader that captures chip, magnetic stripe or contactless data. In most cases, the cardholder also confirms the transaction with a PIN, or with the secure authentication built into a mobile wallet.
A card-not-present payment is any transaction where the merchant does not see the card at the time of purchase. That includes eCommerce checkout, Pay by email links, recurring billing, and MOTO payments taken by telephone or mail order. The payment relies on card details being entered into a website, app or virtual terminal rather than read from the card itself.
The difference sounds simple. The commercial impact is not.
Why risk behaves differently
When a customer taps or inserts a card in person, the issuer receives strong signals that the payment is genuine. EMV chip technology creates transaction-specific data, and the terminal handles the card credentials in a tightly controlled way. That lowers the likelihood of counterfeit fraud and gives the issuing bank more confidence when deciding whether to approve the payment.
Remote payments work harder to prove legitimacy. A checkout page cannot physically inspect the card. It has to rely on the data provided, device information, behavioural signals, CVV checks, address verification and, in many cases, 3-D Secure authentication. All of those controls are useful, but they also add steps and complexity.
This is the core commercial split between the two models: card-present usually brings lower risk and less friction, while card-not-present offers reach and flexibility at a higher operational cost.
How the payment flow changes
In person, the hardware does much of the heavy lifting. A terminal reads the card, encrypts the information and sends an authorisation request to the acquiring side of the payment chain. The process is fast, familiar and highly standardised. A well-configured card machine can make the entire experience feel almost invisible to the customer.
Online or remotely, the payment flow depends on software. The merchant needs a gateway, a hosted payment page or direct integration, plus tools to manage authentication and fraud checks. If the business takes orders by phone, a secure virtual terminal becomes part of daily operations. If it sends invoices manually, pay links may be the preferred route.
That means the merchant stack changes with the channel:
- Countertop terminals
- Mobile card machines
- Hosted checkout pages
- Shopping cart integrations
- Virtual terminals
- Pay by email links
The choice is not only about where the customer pays. It is also about how much responsibility the business carries for user experience, fraud controls and system maintenance.
A practical side-by-side view
The broad differences are easier to see when placed next to each other.
| Feature | Card-present | Card-not-present |
|---|---|---|
| Where it happens | In store, on site, face to face | Online, by phone, by email, by app |
| How card data is captured | Read by terminal via chip, swipe or tap | Entered into checkout or virtual terminal |
| Typical customer authentication | Chip and PIN, contactless device authentication | CVV, AVS, 3-D Secure, one-time bank challenge |
| Fraud profile | Lower | Higher |
| Chargeback exposure | Usually lower | Usually higher |
| Approval rates | Often stronger | More prone to declines |
| Processing costs | Commonly lower | Commonly higher |
| Required tools | Card machine, POS or mobile reader | Gateway, hosted page, API, cart plugin or MOTO tool |
| Reach | Limited to physical presence | 24/7 and potentially global |
For many businesses, that table explains why the most successful payment strategy is not choosing one model over the other. It is choosing the right controls for each.
Approval rates can quietly shape revenue
A declined transaction is not always a lost customer, but it often is. This is where card-present payments have a clear advantage. Industry benchmarks commonly place in-person authorisation rates in the high nineties, while remote card payments tend to land lower due to extra issuer scrutiny, missing data, customer input errors and fraud screening.
That gap has a direct impact on turnover. An online merchant may drive excellent traffic and still underperform because too many good customers are being declined. A shop with well-functioning terminals and strong acquiring support may convert more card attempts into completed sales with less effort.
There is also the issue of false declines, where a valid customer is rejected because the transaction looks unusual. These can be especially costly online, where the customer can abandon the basket and buy elsewhere in seconds.
A strong payment partner helps here by improving routing, supporting local acquiring where available, keeping terminals updated, and giving merchants visibility into approval trends across channels.
Fraud, liability and the real cost of convenience
Card-not-present commerce is powerful because it removes location as a barrier. A customer can pay from home, on a train, from another country, or after business hours. That accessibility is a major commercial advantage.
It also brings more fraud attempts, more disputes and a broader range of edge cases. Friendly fraud, account takeover, stolen card details and fulfilment disputes sit far more naturally in a remote environment than at a staffed till point.
The main merchant implications tend to look like this:
- Fraud exposure: remote sales usually attract more attempted misuse than in-person transactions
- Liability: without the right authentication, the merchant may carry more of the financial burden
- Operational effort: dispute management, evidence gathering and rule tuning take time
- Conversion trade-off: stronger checks can reduce fraud, but too much friction can hurt sales
This is why 3-D Secure, tokenisation, device intelligence and AI-based fraud monitoring matter so much in remote card acceptance. They are not nice-to-have extras. They are part of making card-not-present revenue sustainable.
Fees are rarely just “the rate”
Merchants often compare providers by headline pricing alone. That can be misleading.
Card-present payments are usually cheaper to process because the risk is lower. Card-not-present transactions generally carry higher interchange and acquiring costs, and those differences can become material at scale. A business with a high online sales mix may find that a small percentage difference has a significant effect on monthly gross margin.
Costs also show up in less obvious places:
- chargebacks: fees, lost goods or services, and admin time
- False declines: missed revenue and wasted marketing spend
- Reserves or delayed settlements: more common in higher-risk remote models
- Tool sprawl: separate systems for online, in-store and phone payments
This is one reason many merchants now favour an omni-channel setup with a single reporting environment. A unified view of in-person, online and remote transactions makes it easier to see which channel is profitable, which one needs tighter fraud settings, and where customer drop-off is occurring.
Customer experience is different in each channel
In-person payments win on speed. Tap, approve, receipt, done. The transaction is familiar, the merchant can assist if needed, and the physical environment gives the customer confidence that the purchase is real.
Remote payments win on access. Customers can buy at any hour, from almost anywhere, and with very little human interaction. That convenience is valuable, especially in retail, travel, subscriptions, professional services and businesses that invoice after the sale.
Yet convenience is not the same as simplicity. A poor checkout can push customers away quickly. Too many fields, weak mobile design or a clumsy authentication step can reduce conversion. The best remote payment experience keeps security strong while keeping the path to payment short and clear.
Which model suits which business?
Some sectors are naturally weighted toward one channel. Hospitality venues, salons, independent retail and pop-up traders rely heavily on card-present payments. Online retail, digital services, travel, ticketing and subscription businesses depend far more on card-not-present flows.
Many businesses now sit in the middle. A retailer may sell in store, through a website and via social channels. A hotel might take deposits online, card details over the phone and final settlement at reception. A charity may accept donations at events and also through payment links or web forms.
A sensible channel mix often looks like this:
- Card-present: shops, cafés, event stalls, reception desks
- Card-not-present: websites, renewals, invoicing, telephone sales
- Combined model: retail with eCommerce, hospitality with prepayments, service firms with deposits and final in-person settlement
That mixed model is where payment infrastructure starts to matter more than any single terminal or gateway.
Building a stronger setup across both channels
For merchants operating across in-person and remote sales, consistency matters. If reporting is split, fraud tools are fragmented and support is slow, payments become harder to manage than they should be.
A provider built for omni-channel acceptance can simplify that picture. CardPayGO, for example, offers in-store terminals, mobile card machines, an online gateway, MOTO capability, pay-by-email links and a unified payment portal. That gives merchants a way to run different acceptance models without switching between disconnected systems.
There are wider operational advantages too. Faster onboarding can reduce time to revenue. Transparent pricing makes channel comparison easier. AI-driven fraud tools can support remote acceptance without forcing every transaction through unnecessary friction. Global reach matters for merchants selling beyond the UK, while 24/7 support matters when a payment problem appears outside office hours.
This kind of structure does not remove the differences between card-present and card-not-present payments. It makes them easier to manage.
What merchants should review before deciding
The right payment mix is rarely a theoretical choice. It comes down to how the business sells, how customers prefer to pay, and how much risk the model can tolerate.
A useful review should cover:
- Sales channel: where the customer first chooses to buy
- Risk profile: how likely disputes, fraud attempts or delayed fulfilment are
- Average transaction value: higher values may need tighter controls
- Customer expectations: speed at the till versus flexibility online
- Operational capacity: who will manage chargebacks, reconciliations and support issues
- Geographic reach: domestic only or cross-border acceptance
Merchants that answer those questions clearly are in a better position to choose the right hardware, gateway, authentication flow and support model.
Card-present and card-not-present payments are not competing ideas. They are two distinct payment environments, each with its own strengths. One offers speed, confidence and lower risk at the point of sale. The other opens the door to scale, flexibility and round-the-clock trading. The businesses that do best tend to treat both with equal care, giving each channel the tools, controls and visibility it needs to perform well.
