Can someone use my stolen debit card details without the physical card?
Yes. Card-not-present fraud allows criminals to use your card number, expiry date, and CVV to make online purchases without ever holding the physical card.
Last reviewed: 1 June 2026
Explanation
Card-not-present (CNP) fraud occurs when a thief uses stolen card details to make transactions in environments where the physical card isn't required — primarily online shopping. They need only the card number, expiry date, and three-digit security code (CVV), all of which can be obtained through phishing sites, data breaches, or card-skimming devices. Some fraudsters also use card details to set up recurring charges or digital wallet registrations. Setting up transaction alerts, enabling two-factor authentication on your bank app, and monitoring statements regularly helps detect unauthorised use quickly. Debit cards typically have less fraud protection than credit cards, so consider using a credit card for online purchases where possible.
Common red flags
- Small test transactions on your statement you don't recognise
- Purchases from unfamiliar online retailers
- Subscription charges you didn't authorise
- Bank alert for an unusual transaction location or amount
- Your card details were entered on an unverified website recently
What to do now
- Contact your bank immediately to report unauthorised transactions and block your card
- Enable real-time transaction alerts on your banking app
- Check your card statements weekly for unfamiliar small charges
- Replace your card and update payment details saved in online accounts
Frequently asked questions
Is a debit card or credit card safer for online shopping?
Credit cards generally offer stronger fraud liability protection in most countries. With debit cards, stolen funds come directly from your bank account and recovery timelines can be longer.