How to Stop Chargebacks?

Chargebacks Hurt Business    

In the ever-evolving world of e-commerce and online transactions, security remains a top priority for businesses and consumers alike. Credit card fraud and chargebacks can be detrimental to both parties involved, leading to financial losses and potential damage to a company’s reputation. To combat these threats, the payment industry has introduced a powerful tool known as 3D Secure (3DS), which not only enhances security but also helps reduce chargebacks significantly.

The Chargeback Process     

The Fair Credit Billing Act of 1974 mandates that all cardholders have a minimum of 60 days to dispute illegitimate charges. Most Banks allow up to 120 days.  Generally speaking, merchants will have 30 days to respond to each phase when dealing with Visa orDiscover chargebacks. For Mastercard, the time limit is 45 days per phase, and with American Express, theresponse time frame is only 20 days per phase.

What happens if you lose a chargeback? There is an arbitration process available whereby a merchant or a cardholder may request an arbitration. This is typically done in 2 steps, a pre-arbitration, where the acquiring bank (the merchant’s bank) sides with the cardholder’s bank or not. If both banks disagree or if both parties disagree. The chargeback goes to the card brand Visa, MasterCard, American Express for final arbitration.

Best Practices to Avoid Chargebacks 

Establish a card not present Account (CNP) – A CNP account is a mercchant account that has been designated as more than 50% of the transactions, or a majority of the transactions will be non-face to face, such as over the internet or keyed in transactions.  These type of accounts are underwritten and approved by the acquering bank and issuing banks to accpet CNP transactions.  Conversley, if a merhcant kyes in  a transaction through a merchant account that is not approved for mostly CNP account, there is the possiblity of the card issuing bank using a chargeback Visa’s reason code 10.3, “Other Fraud – Card-Present Environment” and MasterCards Reason code 4837.  Most chargeback departmnets have been given instructions to refuse all merchant challenges under reason code 10.3, “Other Fraud – Card-Present Environment”.  This reason code was created by Visa and MasterCard after 2015, when both Visa and MasterCard created the “EMV Liability Shift”, which was the requirment that merchant must stop taking magstripe cards and start taking EMV chip cards.  In additon, Visa and MasterCard made it harder for a merhcant to contest a chargebacks for keyed in transactions or internet transacitons through a merhcant account which was established for EMV chip card sales.  Basically, the card brands created a chargeback reason code which entraps unknowing merchants into rules which give no or very little recourse to contest a chargeback if the particular merhcant account was not established as a CNP – card-not-present merchant account.

Do not Swipe Magstripe Cards, only Accept Chip / EMV or NFC Cards This is due to the 2015 and 2016 Visa and MasterCard “EMV Liablity Shift”.  Magstripe cards contain static data that can be easily copied or skimmed by fraudsters using inexpensive devices. This makes magstripe transactions highly vulnerable to fraud, including counterfeit card fraud and unauthorized use. Before 2015, counterfiet cards were covered by Visa and MasterCard if they were magstripe.  EMV (Europay, Mastercard, and Visa) chip cards contain dynamic data that changes with each transaction, making it much more difficult for fraudsters to replicate or clone cards. Chip technology provides a higher level of security compared to magstripe cards, reducing the risk of counterfeit fraud.

Do not accept Apple Pay or Google Pay When customers use their mobil phones to tap and pay, this is not the same as a NFC transaction from a card issued by a bank.  Apple pay and Google pay both store card numbers in an app or software wallet which then is transmised to a POS terminal by a tap-to-pay mechinisim.  But,  these payment types are processed by as card-not-present transaction even though the customer is face to face at the point of sale.  Also, criminals may store any card what so ever in these software wallets, including stolen credit cards.

Have the Proper Legal Verbiage on your Website, Invoices, and Point of Sale There are chargebacks which may occur which the customer if contesting the sales price or final bill of the goods or services.  Also, there may have been defective goods or services rendered.  Examples of these chargeback codes are Visa’s 13.1 “Merchandise / Service Not Recieved” and 13.3 “Not as Described or Defective Merchandise / Services”.  By having the proper verbiage, these chargeback codes can be contested and sucessfully challenged.

Get 3D Secure – The Best Practice to Stop Chargebacks

3D Secure (3-Domain Secure) is a security protocol designed to provide an additional layer of security for online credit and debit card transactions. It is called “3-Domain” because it involves three key parties in the process: the merchant/acquirer domain, the issuer domain (the bank), and the interoperability domain (the infrastructure provided by the card scheme, like Visa or Mastercard, to support the 3D Secure process).

When you make an online purchase with a card enrolled in a 3D Secure program (such as Verified by Visa, Mastercard SecureCode, American Express SafeKey, or others), the system checks to see if the card is enrolled in 3D Secure. If it is, a pop-up window or an inline frame appears during the checkout process. This window is connected directly to your bank (the card issuer) and may ask you to enter a password, answer a security question, or, increasingly, authenticate via biometrics or a one-time passcode sent to your phone. This step ensures that the person making the transaction is the legitimate cardholder.

Key Benefits of 3D Secure:

  • Enhanced Security: By requiring an additional authentication step, 3D Secure helps to prevent unauthorized use of a card in online transactions, reducing the risk of fraud.
  • Liability Shift: Typically, if a transaction is authenticated through 3D Secure, the liability for fraudulent chargebacks shifts from the merchant to the card issuer. This means that merchants are better protected against fraud-related chargeback costs for transactions verified through this process.
  • Consumer Confidence: Knowing that a transaction is protected by 3D Secure can increase consumer confidence in online shopping, benefiting both customers and merchants.

How Does 3D Secure Work?

What Chargebacks are Covered by 3D Secure?

90% of Chargebacks are reported as “fraud” or “stolen card”.  3D Secure shifts the liability from these chargebacks from your business to the card holder’s bank.

Fighting Chargebacks in Retail Environments – Pay-at-the-pump and Unattended Kiosks

The requirement for showing ID during credit card transactions, as well as the need for signatures, has evolved with advancements in payment security technologies. The introduction of EMV (Europay, Mastercard, and Visa) chip technology has significantly altered the landscape of in-store payment authentication.

For many years, signatures were required as a means to verify the cardholder’s identity and approve transactions, offering a layer of protection against fraud. However, the shift towards EMV chip cards, which began more significantly around 2015, marked a move away from reliance on signatures. EMV chip technology provides enhanced security through a unique, one-time code generated for each transaction, making it highly effective against counterfeit fraud. This advancement in technology has rendered the requirement for signatures largely obsolete for verifying credit card transactions​​.

By 2018, major credit card companies, including Visa, Discover, Mastercard, and American Express, had moved towards eliminating the need for customer signatures on credit card purchases, acknowledging that signatures did not significantly prevent fraud and the process was not as secure as newer technologies. This decision was also driven by a desire to speed up the in-store checkout process. The adoption of EMV technology has been broad, with a significant reduction in counterfeit fraud observed among EMV-compliant merchants​​.

While the detailed Visa and Mastercard regulations could not be accessed directly without specific authorization, it’s clear from the available information that the emphasis is on utilizing advanced security measures, such as EMV chip technology, to protect cardholder information and authenticate transactions. Visa, for example, has implemented Visa Secure to provide additional protection for online purchases, ensuring transactions are as secure online as they are in stores​.

There are certain environments in which a customer presents their credit card, in a card present environment, but Visa and MasterCard do not provide any recourse if a chargeback is remitted to the merchant.  Such retail environments are Automated Fuel Dispensers (AFD) and related Unattended Kiosks.  These payment environments are tracked by the card brands using the SIC codes and autthorization codes from these devices.   These types of payment environments can be targets for theifs.  Stolen cards can be presented and goods and services can be obtained using a stolen credit card.  To fight this, there are measures which can greatly reduce if not completley eliminate the threat of these chargebacks.

Zip Code Verification – Gas Stations frequently can get chargebacks from stolen credit cards at the pump. Because there is no signature required when someone uses their card at the pump, there is no recourse for the gas stations to fight these chargebacks. Now, there is address verification, or Zip code verification to help protect gas stations from stolen cards. When a card is used at the pump, the card holder must enter the Zip Code of the credit card. If this is not entered correctly, the card will be denied.

theft.jpg

Velocity Protection  – Velocity Protection also protects gas stations from stolen credit cards. Many times when cards are stolen, the thief will use the card several times in one day at a single gas station stealing hundreds of dollars of gas. To help prevent this, Velocity Protection does not allow a single card to be used more than a specific number of times in one day, week or month at a gas station.