How can disputes be prevented?
You can protect yourself from unfair chargebacks by collecting the following information (depends on your business):
- Cardholder signature on the pick-up form
- Copy of identification presented by the cardholder
- Details of identification presented by the cardholder
- Purchaser’s IP address
- Purchaser’s e-mail address, description of the goods downloaded, date and time goods were downloaded, proof that the merchant’s website was accessed for services after the transaction Date
- Reason Code 75 – Cardholder Does Not Recognize Transaction
- Reason Code 83 – Fraud Transaction—Card Absent Environment
How does a chargeback work?
We receive chargebacks/disputes from our acquiring bank. Here are the most common chargeback reasons:
- Services not provided or merchandise not received
- Cancelled recurring transaction
- Not as described or defective merchandise
- Credit (Refund) not processed
What is online/internet fraud?
The term refers to any type of fraud scheme that uses email, websites, chat rooms or any Internet related means to present fraudulent solicitations to prospective victims, to conduct fraudulent transactions, or to transmit the proceeds of fraud to financial institutions or to others connected with the scheme.
What are the most common types of online/internet fraud?
- Credit card fraud:
A credit card fraud occurs when someone gains financial or material advantage by using a credit card, or information from a credit card, to complete a transaction that is not authorized by the legitimate account holder6) (also see Electronic payment options).
- Identity theft:
Identity theft occurs when a party acquires, transfers, possesses, or uses personal information of a natural or legal person in an unauthorized manner, with the intent to commit, or in connection with, fraud or other crimes. Identity theft counts as identity fraud scheme and is a vehicle for perpetrating other types of fraud schemes, especially payment fraud.
- Friendly Fraud:
Friendly fraud might not seem so friendly, but this expression is used to group cardholders who initiate chargebacks with no malicious intent. Simple forgetfulness, family members making unknown purchases, and misunderstandings of merchant return policies can all be at the root of friendly fraud. For example, a son asks his Mom if he can use the card to order a limited edition pair of Nike’s from a boutique retailer. When Dad reviews the bill he doesn’t recognize the retailer’s name and thinks its fraud.
- Non-delivery payment/merchandise:
A purchaser of goods does not receive the items ordered, or a seller does not receive payment for items sold. Additionally, if the buyer pays by credit card, the seller obtains his name and credit card number and can use this data as a vehicle for credit card fraud.
- FBI-related scams:
Scams in which a criminal poses as the Federal Bureau of Investigation (FBI) to betray victims. For example, a victim receives an email from an FBI official and is informed that he has received an unclaimed inheritance. Then the victim is asked to click on a link and fill out a verification form with all personal information. With this information the identity is taken (see identity theft). There are many similar scams to this, most of all come in email format in which the victim is told that the FBI has been trying to get in contact with the victim.
- Computer crimes:
This fraud scheme comprises all categories including crimes targeting a computer or computer network, or crimes that attempt to use a computer or network to perpetrate other crimes.
- Miscellaneous fraud:
These crimes include a variety of scams meant to defraud people, such as work-at-home scams, fake contests and sweepstakes.
- Advance fee fraud:
A criminal asks people to pay an upfront fee to receive something of value, but does not deliver anything to the victim.
Spam, or mass-produced unsolicited bulk email, is a widely used medium for committing traditional white collar crimes including financial fraud, credit card fraud, and identity theft, among others.
- Auction fraud:
Auction fraud can be described as fraudulent transactions that occur when entering an online auction site. This can be the misrepresentation of a product advertised for sale or the non-delivery of products bought through an Internet auction site (also see Market places and Auction Marketplace).
- Overpayment fraud:
An incident in which the victim receives an invalid monetary instrument, e. g. a cheque with instructions to deposit it in a bank account and to send excess funds or a percentage of the deposited money back to the sender.
What is a chargeback?
A chargeback is a transaction reversal meant to serve as a form of consumer protection from fraudulent activity committed by both merchants and individuals.
Cardholders file a dispute with their issuing bank, at which point the merchant’s bank is debited the amount of the transaction that was previously credited.
The merchant must provide compelling evidence to disprove any fraudulent activity associated with the transaction. If the issuing bank deems the evidence enough to overturn the cardholder’s dispute, the funds are returned to the merchant. If the cardholder still believes he was the victim of fraud, he can initiate a second chargeback, also called pre-arbitration.
Who are the parties in the chargeback process?
- The Customer
The customer is a cardholder who made a purchase with a particular merchant, or is seeing a transaction on his or her statement from a particular merchant that is not recognized. Each card network guarantees zero-fraud liability to its cardholders.
- Issuing Bank
The issuing bank provides payment cards (credit, debit, prepaid, etc.) directly to consumers. The issuing bank is the “issuer” (i.e. underwriter) of the account and the responsible financial institution in regards to the disbursement of funds from the customer to the merchant. Note: The customer’s balance and authorization is managed by the issuing bank’s processor.
- Issuing Bank Processor
The issuing bank processor verifies customer account balances and either authorizes or denies transaction requests received via the card network.
- Card Network
Visa, MasterCard, American Express, and Discover are the four major card networks. Each provide the transactional rails upon which payments ride and manage the settlement process between issuing and acquiring banks. In other words, card networks provide the data connection and initiate funds flow via FedWire between customer and merchant.
Note: American Express and Discover have a unique role. As the card network, issuing bank, and acquiring bank, both the customer and the merchant are their client. Visa and MasterCard are strictly networks.
- Acquiring Bank
The acquiring bank is the financial institution responsible for acquiring authorization through the card network to receive funds on the merchant’s behalf from the customers issuing bank. During this process, the acquiring bank will settle the funds collected minus their processing fees, network fees, and interchange fees.
- Merchant Account Processor
The merchant account processor is a company that partners with an acquiring bank to process payments on behalf of the merchant. Merchants typically have a closer relationship with their account processor than their acquiring bank. A merchant’s processor and acquiring bank can be, and often are, the same institution.
- Merchant Commercial Bank Account
After the acquiring bank acquires the funds from the issuing bank through the card network’s settlement process, it deposits those funds (typically 1-3 times weekly) to the merchant commercial bank account. The merchant commercial bank account is the ultimate destination of funds transferred from a cardholder and is the source of funds when a chargeback is initiated (e.g. the funds are automatically withdrawn from the merchant commercial bank account by the acquiring bank to move back to the issuing bank/cardholder’s account).
- Payment Gateway
The payment gateway does the complex work of building secure connections to merchant account processors. It acts as a “virtual” credit card terminal which allows a merchant to submit payments to a processor via the internet. It is often analogized as a virtual credit card terminal. Payment gateways also provide fraud filters, recurring billing payments, and other valuable functionalities to assist ecommerce companies.
- The Merchant
A business, company, brand, service provider, or other relevant party who provides a good or a service in exchange for payments.
What are the reasons for chargeback?
As a merchant, you have to be fully aware of the most common reasons why merchants receive chargebacks. These are the circumstances that you also need to avoid at all costs. Note that most, if not all, chargebacks are initiated by cardholders. These are primarily due to inconsistencies in their credit card statements.
- Fraudulent Transactions The most common cause for chargeback is fraudulent transactions. This happens when the credit card is used without the authorization and consent of the cardholder. In cases like these, the merchant is held solely responsible.
- Credit Not Processed Another common type of chargeback occurs when the customer may have returned the merchandise to the merchant (e.g. when the cardholder receives an item different from what he expected), requested to get their money back but said credit was not posted to their account. In these situations, merchants are also held liable for the charges.
- Item Not Received This is one of the most common reasons for chargebacks today. This happens when the customer did not receive the item which they had paid for by credit card. As in the previous situations, the merchant is charged accordingly.
- Technical Problems Many chargeback requests are due to technical problems during the payment processes. Technical problems between the issuing bank and the merchant may lead to cardholders being charged twice for the same transaction (termed as duplicate processing). Problems with the authorization process can also lead to account being charged, even if the transaction was declined.
- These are the four main reasons for chargebacks. There are a few more detailed reasons, which can be attributed to situations such as faulty cards and human errors made during the payment process. These cases, however, may be beyond your control as a merchant.
Why am I getting an Overwhelming Amount of Fraud / No Authorization chargeback Reason Codes?
If you experience a disproportionate amount of chargebacks coded under Fraud or No Authorization reason codes, you need to take a look at your front-end fraud prevention solutions. Do you have enough safeguards in place to stop transactions that are obviously fraudulent? You need the basics; including CVV and AVS. But you can also consider adding automated transaction scoring, rules-based filters, geolocation, device ID, device fingerprinting, or 3D secure tools. Your front-end fraud prevention should be strong enough to protect your business from being pillaged by a large-scale attack.
Why am I getting absolutely ZERO Fraud / No Authorization Reason Codes?
Strict fraud prevention solutions block legitimate transactions and alienate real customers. While you don’t want to see a disproportionate amounts of fraud-related reason codes, seeing none at all can also indicate a problem. If you aren’t letting any fraudulent transactions through, how rigorous is your front-end fraud protection? Letting some fraud through is acceptable, as you can recover the revenue via responding to chargebacks. Adopt a Goldilocks approach when it comes to fraud-related reason code: not too much, not too little, but just the right amount.
Why am I receiving lots of Cancel Recurring Billing Chargebacks?
Subscription services, SaaS providers, and lots of other merchants use recurring billing as the preferred method of payment collection. When done correctly, this approach is great for guaranteeing a customer lifetime duration and ongoing revenue streams. However, when done incorrectly, merchants using recurring billing can frustrate a lot of customers. This anger and frustration appears to merchants as Cancel Recurring Billing reason codes. If your chargeback ecosystem is dominated by these types of reason codes, it’s a good indicator that your customer communication needs attention. Is it clear when users sign up that billing will occur monthly? Are you emailing users to remind them of invoice dates? When it comes to recurring billing, over-communication with the customer is always preferred.
The Chargeback Process – Simplified?
The process is similar to legal proceedings, where both parties, in this case a cardholder and a merchant, are given the chance to offer evidence in support of their claims. Retrieval requests sometimes precede an actual chargeback. Here, the merchant is asked to provide basic transactional documentation to quickly validate or disprove a potentially fraudulent situation.
Without a doubt, the process is skewed in favor of the cardholder. But, by gathering compelling evidence and responding to the dispute, merchants are able to win cases of friendly fraud and chargeback fraud while building better models to bolster front-end fraud protection.
A customer (cardholder) files a dispute by contacting his or her issuing bank about a particular transaction. These complaints are typically submitted via phone or online form.
The issuing bank reviews the disputed transaction to determine whether or not to send the chargeback to the card network.
- If the dispute is not valid, as determined by the issuing bank, the process ends.
- If the dispute is valid, the process continues to the card network.
The issuing bank provides an immediate credit to the customer for the disputed amount and the networks initiate the flow of funds from the merchant commercial bank account back to the issuing bank.
The issuing bank submits the chargeback to the card network, who passes it to the acquiring bank. Fees are incurred here that are eventually passed to the merchant.
The acquiring bank receives the chargeback and passes it along to the merchant. It typically contains instructions to gather compelling evidence that directly relates to the chargeback reason code. This communication occurs via merchant account processors online portal or an offline letter.
Here, the merchant chooses whether or not to respond to the chargeback.
- If the merchant choses to respond, compelling evidence is gathered relating to the transaction and the customer. Including, but certainly not limited to, date/time stamp, device, shipping verification, address verification, CVV match, device fingerprinting, geolocation, past transactional history, any subsequent transactions from the customer, any communication with customer, and other data.
- If the merchant chooses not to respond, the process is completed and the chargeback is ruled in favor of the customer.
The acquiring bank reviews the compelling evidence and passes the information to the card network, who then passes it to the issuing bank, on behalf of the merchant.
- If the issuing bank determines the merchant’s compelling evidence proves the chargeback is not valid, the issuing bank will decline the chargeback and pull the funds from the issuing bank back into the merchant commercial bank account (via the acquiring bank). This process may take many weeks. (i.e. The merchant won.)
- If the issuing bank determines the compelling evidence does not prove the transactions validity, the process ends and funds remain with the issuing bank/customer. (i.e. The merchant lost.)
Conditional Additional Steps Following Step 7
The customer is given the option to chargeback the transaction again. (Visa refers to this as pre-arbitration, MasterCard calls it a second chargeback.) The entire process begins again.
If the merchant wins the pre-arbitration/second chargeback, the issuing bank can push to arbitration. Which automatically incurs a $250 fee for the merchant.
In full arbitration, if the merchant wins the chargeback, they’ll receive the $250 back. However, if they lose, the merchant is assessed an additional $250 fee.
The duration of the chargeback process is dependent on whichever Visa, MasterCard, American Express or Discover reason code was used. On average, the process can last one month or as long as six months.
What are the potential outcomes of a chargeback?
Every chargeback ends in one of three outcomes. The chargeback was either actual fraud, chargeback/friendly fraud, or product/service issues. When you receive a chargeback, it’s either coded under a fraud reason code or a non-fraud reason code. However, even though some chargebacks are coded as fraud, responses often prove that they were not fraud. Instead chargeback fraud or friendly fraud was the source. Unfortunately, the categorization of fraud leads many merchants to simply ignore the chargeback, writing them off as un-winnable cases of fraud. Which couldn’t be further from the truth! By responding to these chargebacks, it’s revealed that more than three quarters of chargebacks are really chargeback fraud or friendly fraud.
What are the merchant’s losses in a chargeback?
When chargebacks are lost, merchants lose money—the amount disputed, the chargeback fee and the cost of whatever was sold. Merchants lose the time and money it took during the selling, ordering, packaging and delivering processes of the product. In 2016, ecommerce merchants can expect to lose a combined total of nearly $7 billion in revenue from chargebacks and individually 1.47 percent of total revenue.
If a merchant’s chargeback ratio is more than 1 percent, processors can increase fees for chargeback occurrences and even refuse to process payments for the merchant account. Unfortunately, the very nature of some products and services lead processors to consider them “risky.” These high-risk merchants are often turned down by credit card processors, who simply don’t want to deal with the amount of chargebacks that are common in the industry.
Controlling the chargeback ratio should be the top priority of “high-risk” merchants. Which is easier said than done! Once a chargeback reaches the card network, your ratio is impacted. When you consider that the majority of merchants don’t know about a chargeback until it hits their monthly statement, it’s no surprise that high-risk merchants can feel particularly helpless.
Chargeback Alerts give you the opportunity to prevent fees, immediately blacklist a customer, and take action to remedy the situation before a chargeback is received and recorded against your merchant account by card networks. A good alert program includes all participating issuers.
How to prevent chargebacks?
First and foremost, be an honest merchant. Produce quality products, accurately describe what you’re selling, and strive to provide the best customer service in your industry. To avoid chargebacks, merchants should consider the following:
- Excellent customer service
- A customer centric return policy
- Detailed and accurate product descriptions
- Set realistic expectations of the product/service results
- Easy to find shipping/tracking information
- Document conversations with customers
How to respond to chargebacks?
Be prepared for receiving a chargeback, because they will happen. Understand the possible chargeback reasons—currently there are over 151 different chargeback reason codes among the top four networks—and have plans in place for how you’ll react to the different reasons.
A free chargeback reporting solution is a great way for merchants to start to understand and eventually manage the chargeback process. If you field a handful of chargebacks a month, a simple solution will help you recover lost revenue.
The landscape changes when you start dealing with hundreds of chargebacks a month. Scaling internal chargeback management is not easy; it takes valuable resources away from your core competency. Instead, consider investing in outsourcing the process to professionals.
Are there any recent fraud trends/suggestion for high risk countries?
As such, there are no list of high risk/fraudulent countries or fraud trends from where fraud originates, on the contrary it is very dynamic in nature. Different businesses require different strategies to combat fraud.
Why are only GCC countries (default rules) enabled on my account?
Since your account has recently gone live with us and we are not yet fully aware of your business operations. Hence, to protect your account against exposure to fraud we set the default rules till we understand your business and change the rules accordingly.
We pro-actively block the International Credit Card and IP Address Countries to protect the Merchant account from Foreign Fraud.
Your Merchant Account is new to us hence we are unaware of your Risk Appetite and Business Operations in general on preparedness to accept International transactions.
Numerous card issuers nationwide are experiencing international fraudulent activity within their card programs. This fraud pattern is most often linked to information hacking or skimming schemes, and often the accounts affected by these schemes are reported to institutions on compromised account alerts from Visa or MasterCard. The account information obtained from these scams is then used to commit counterfeit fraud, account takeover fraud or card-not-present fraud over the Internet with foreign merchants.
Fraudulent activity is currently most common in the following high-risk countries:
Australia, Brazil, Canada, China, France, Great Britain, Hong Kong, Italy, Korea, Mexico, Malaysia, United States, Romania, South Africa, Spain, and Turkey.
Can you enable EU, America, Africa or Asia (Generic regions)?
We want to help you understand that a lot of small countries are a part of Europe that you may not see any business at all and there is no point in keeping these regions open as it merely exposes you to risk of fraud attacks.
For example, Vatican City has a population size of 800, Monaco with a size of 37,000 and Isle of Man with a size of 89,000 where you may never see any business coming through but enabling them would expose your account to unpredictable fraudulent attacks. Also, there are high risk countries in the East European region like Bulgaria, Romania and Ukraine where we see fraud attempts on a daily basis.
Therefore, it makes better sense to enable only specific targeted countries from these regions which you will be expecting payments from because from our experience there are a number of countries that we never see any genuine transactions from.
My client is from GCC but why is the transaction being blocked (VPN issue and fraud rule)?
We agree that most of the users in the Middle East use VPNs for various reasons. And this might hamper their shopping experience on your website especially if the VPN corresponds to a country that is disabled because of the fraud rules. However, we cannot enable risky countries for this reason as it will leave you prone to fraud attacks coming from high risk regions like US, UK and Canada.
Our suggestion for this issue would be to display a message like ' Transactions made using VPNs might be declined ' on your checkout/payment page resulting in lower declines due to IP country fraud rule.
Why block other countries when genuine transactions can also be declined?
Majority of the online businesses in the Middle Eastern region only focus on local countries i.e. GCC countries and other major Arab countries depending on the businesses target market. Therefore, the majority of the IPs and cards used also remains within this region.
However, when one takes the example of expatriates living in this region then there are cases where the IP fraud rules remain constant to the local region but the list of card countries enabled becomes large based on the businesses customer base.
And coming to the concern of declining business to genuine customers we have to take into account the fact that there are more possibilities of fraud occurring from regions like US than genuine customers coming through. Unfortunately, we have to deny business to a very small number of customers in order to avoid incurring HUGE losses due to possibility of more fraud transactions from US, UK, Brazil, Romania, Viet Nam, Nigeria and other high risk countries than genuine transactions. Unless of course you are specifically targeting these foreign regions and expect more genuine business than fraudulent attempts then it makes total sense to enable these countries.
More likely than not, it’s the fraudsters who get blocked and who receive the message that the transaction is blocked. Fraudsters are not your customers.
What is 3DS liability shift?
PayFort by default offers 3D secure to all its Merchants. The below are the benefits of the 3D secure transactions:
- Proven technology to reduce fraud: 3D Secure is designed to help authenticate the identity of the cardholder through the entry of a unique password/pin. This is a different approach to risk tools such as CVV2 (also important), which help to identify whether the person making the payment is in possession of the card. The ability to authenticate the identity of the cardholder is an important fraud prevention measure, which can help to stop fraudulent transactions being made over the internet using stolen card details.
- Protection from financial liability: Merchants can find that a high proportion of chargebacks are caused by the cardholder denying that they authorized a transaction. An advantage of 3D Secure is that the financial liability switches from the merchant to the card issuer for disputed payments of this type – this is known as a liability shift.
This is a significant benefit to merchants that can result in a reduction in chargebacks and disputes for some types of fraud. A merchant can even benefit from this protection when the Issuer or cardholder is not participating.
How can I make changes to the fraud rules on Fort?
Unfortunately you do not have access to make the fraud rule changes on your account. For any changes required please write to us on email@example.com and we will make the changes immediately depending on the risk appetite of the regions we are enabling/disabling.