What is chargeback fraud in the context of carding?
Chargeback fraud is the abuse of the chargeback mechanism, which was originally designed to protect cardholders from unauthorized transactions or unscrupulous merchants. In the context of carding — a type of fraud involving the use of stolen credit or debit card information — chargeback fraud takes on more complex forms. Carders can use chargebacks as a tool to obtain goods or services for free, or as part of a more complex scheme to launder money or bypass security systems.
Chargeback fraud in carding involves two main scenarios:
- "Friendly fraud": A customer uses their own card to make a purchase, receives a product or service, and then initiates a chargeback, falsely claiming the transaction was unauthorized, the product was not delivered, or the service was not rendered. This may be accidental (for example, due to a subscription mix-up) or intentional (likely out of a desire to receive a free product).
- True carding with chargeback: The carder uses stolen card details to make a purchase, receives the goods, and then the real cardholder notices the unauthorized transaction and initiates a chargeback. In this case, the merchant loses money and goods, while the carder has already profited.
Key characteristics of chargeback fraud in carding:
- High cost for merchants: In addition to the loss of goods/services, merchants pay fines ($20–$100 per dispute) and may face restrictions from payment systems if the chargeback level exceeds a threshold (usually 0.9–1%).
- Scale: According to LexisNexis, chargeback fraud accounts for up to 70% of all e-commerce disputes, and global losses from carding and related fraud will exceed $40 billion in 2023.
- Difficulty of detection: Friendly fraud is difficult to distinguish from legitimate disputes, as the customer uses their own card and often knows how to manipulate the system.
Examples of carding with chargeback:
- A carder purchases a digital product (such as a software subscription) with a stolen card, uses it, and the cardholder later disputes the transaction.
- A buyer orders a physical product (such as electronics), receives it, and then claims the package never arrived, requesting a refund through the bank.
- The carder uses fake information to make a purchase and then sells the item on the black market, leaving the merchant to deal with the chargeback.
How to combat chargeback fraud in the context of carding?
Combating chargeback fraud in the context of carding requires a multi-layered approach, including preventative measures, transaction monitoring, dispute management, and the use of specialized tools. Below are detailed strategies:
1. Preventive measures
- Implementation of 3D Secure 2.0 (3DS2): This technology requires additional customer authentication (e.g., a one-time code or biometrics). 3DS2 shifts responsibility for chargebacks to the issuing bank in the case of an authenticated transaction, reducing risk for the merchant. According to Visa, 3DS2 reduces fraud by 70%.
- Card data verification: Use CVV, AVS (Address Verification System), and IP geolocation. For example, if the client's IP address is located in another country, this may indicate carding.
- Limit high-risk transactions: Block or additionally check orders with signs of carding (e.g., multiple purchases from one card in a short period of time, delivery to an address that does not match the billing address).
- Clear transaction descriptions: Ensure the customer's statement clearly states the company name and purchase description. This reduces the likelihood of "accidental" chargebacks due to confusion.
- Captchas and behavioral analysis: Use systems that analyze user behavior (e.g., form completion speed, device type). This helps identify automated carding attacks.
2. Monitoring and analytics
- AI and machine learning: Tools like Stripe Radar, Riskified, and Sift use algorithms to analyze transactions in real time, identifying carding patterns (such as frequent purchases with new cards). According to Sift, such systems reduce chargebacks by 50–60%.
- Fraud filters: Set up rules to automatically reject suspicious transactions (e.g. large orders from new accounts).
- Chargeback Monitoring: Track chargeback reasons (codes such as "fraudulent transaction" or "item not received") and analyze them to identify carding trends.
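The order-level signals listed under "Preventive measures" and "Fraud filters" (several purchases from one card in a short period, delivery address not matching billing, IP country mismatch, large orders from new accounts) can be combined into a simple rule screen. This is an added example, not code from the original page; the `Order` fields, the thresholds and the accept/review/reject policy are assumptions.

```python
from collections import defaultdict, deque
from dataclasses import dataclass

# All thresholds are assumed values for illustration; tune them on your own data.
VELOCITY_WINDOW_S = 600      # look-back window per card, in seconds
VELOCITY_MAX = 3             # orders allowed per card inside the window
NEW_ACCOUNT_AGE_S = 86400    # accounts younger than one day count as new
LARGE_ORDER = 500.0          # in the shop's currency

@dataclass
class Order:
    ts: int                  # epoch seconds
    card_fp: str             # tokenised card fingerprint, never the card number
    account_age_s: int
    amount: float
    billing_country: str
    ip_country: str
    ship_matches_billing: bool

class Screener:
    def __init__(self):
        self._seen = defaultdict(deque)   # card_fp -> timestamps of recent orders

    def screen(self, o: Order):
        reasons = []
        recent = self._seen[o.card_fp]
        # Drop timestamps that fell out of the sliding window, then count this order.
        while recent and o.ts - recent[0] > VELOCITY_WINDOW_S:
            recent.popleft()
        recent.append(o.ts)
        if len(recent) > VELOCITY_MAX:
            reasons.append("velocity")
        if not o.ship_matches_billing:
            reasons.append("address_mismatch")
        if o.ip_country != o.billing_country:
            reasons.append("ip_country_mismatch")
        if o.account_age_s < NEW_ACCOUNT_AGE_S and o.amount >= LARGE_ORDER:
            reasons.append("new_account_large_order")
        # Assumed policy: one signal -> manual review or step-up (e.g. 3DS2),
        # two or more -> reject.
        if not reasons:
            return "accept", reasons
        if len(reasons) == 1:
            return "review", reasons
        return "reject", reasons
```

Returning the reasons alongside the decision lets them be logged per order, so filter rules can later be compared against the chargeback reason codes that actually come back.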
3. Dispute management (representment)
- Gathering evidence: To dispute a chargeback, gather documentation: proof of delivery (with signature), IP logs, email correspondence, and transaction screenshots. This is especially important against friendly fraud.
- Automate your processes: Use services like Chargeback Gurus or Midigator to automatically submit representments. Statistically, merchants can win up to 40% of chargebacks with proof.
- Timeliness: Make sure you respond to chargeback requests within the specified timeframe (usually 7-30 days, depending on the payment system).
4. Cooperation with payment systems and services
- Ethoca and Verifi Alerts: These services provide real-time chargeback notifications, allowing merchants to cancel a delivery or refund funds before a dispute escalates. Ethoca reduces chargeback costs by 30–40%.
- CDRN (Cardholder Dispute Resolution Network): A service from Visa that helps resolve disputes before they become chargebacks.
- Visa Merchant Purchase Inquiry (VMPI): A tool to prevent disputes by providing data to the issuer before initiating a chargeback.
5. Training and return policy
- Clear returns policy: Simplify the returns process for customers so they don't have to contact the bank directly. For example, offer free returns within 30 days.
- Customer Education: Send purchase and subscription reminders to avoid "accidental" disputes.
- Staff training: Train your team to recognize signs of carding (e.g. large orders delivered to suspicious addresses).
6. Combating digital carding
- For digital goods (games, subscriptions, software), use one-time activation keys that are deactivated after use.
- Limit the number of downloads or accesses per account.
- Implement two-factor authentication for access to digital products.
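One way to implement one-time activation keys for digital goods, as an added example that is not part of the original page. The table layout and function names are assumptions; the key is stored only as a hash, and redemption is a single conditional UPDATE so that two concurrent attempts cannot both succeed.

```python
import hashlib
import secrets
import sqlite3

def open_store():
    """In-memory store for the demo; a real shop would use its own database."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE keys (digest TEXT PRIMARY KEY, "
               "order_id TEXT NOT NULL, redeemed_by TEXT)")
    return db

def _digest(key):
    # Only the hash is stored, so a leaked table does not leak usable keys.
    return hashlib.sha256(key.encode()).hexdigest()

def issue_key(db, order_id):
    """Create a random key bound to one order and return it to the buyer."""
    key = secrets.token_urlsafe(24)
    db.execute("INSERT INTO keys VALUES (?, ?, NULL)", (_digest(key), order_id))
    db.commit()
    return key

def redeem(db, key, account):
    """Activate the key once. The WHERE clause makes the check-and-set atomic."""
    cur = db.execute(
        "UPDATE keys SET redeemed_by = ? WHERE digest = ? AND redeemed_by IS NULL",
        (account, _digest(key)))
    db.commit()
    return cur.rowcount == 1

def redeemed_by(db, key):
    """Which account used the key (None if unused or unknown)."""
    row = db.execute("SELECT redeemed_by FROM keys WHERE digest = ?",
                     (_digest(key),)).fetchone()
    return row[0] if row else None
```

The stored `order_id` and redeeming account also tie an activation back to the purchase if the transaction is later disputed.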
The Role of TC40 and SAFE in Combating Chargeback Fraud in Carding
TC40 (Transaction Code 40, from Visa) and SAFE (System to Avoid Fraud Effectively, from Mastercard) are reporting systems that provide data on fraudulent transactions, including carding. They play a supporting role in combating chargeback fraud, but their focus is on true fraud (unauthorized transactions) rather than friendly fraud.
TC40
- What it is: A report from Visa containing data on fraud claims filed by issuers (cardholder banks). Includes: transaction ID, amount, date, reason code (e.g., "unauthorized transaction"), and merchant details.
- How it helps:
  - Allows merchants to identify carding-related transactions before they turn into chargebacks.
  - Allows you to analyze patterns (such as repeating cards or IP addresses).
  - Used in Visa monitoring programs (VAMP) to track fraud-to-sales ratio.
- Limitations:
  - Data arrives with a delay (days or weeks).
  - Does not cover friendly fraud, as the focus is on unauthorized transactions.
  - Access is limited by processors or platforms (e.g. Chargeback Gurus).
- Example of use: A merchant sees a suspicious transaction in TC40 from a card used for carding and blocks further orders from this account.
SAFE
- What it is: A Mastercard equivalent of TC40, part of the Fraud and Loss Database. It contains data on fraudulent transactions, including carding, and is used for monitoring programs such as EFM (Excessive Fraud Merchant).
- How it helps:
  - Provides data for early detection of carding.
  - Helps avoid penalties for high levels of fraud (>0.9% of sales).
  - Allows you to adjust transaction filtering rules.
- Limitations:
  - Like TC40, it focuses on true fraud rather than friendly fraud.
  - Access is limited, data may be late.
- Example of use: A merchant receives a SAFE report on carding from a specific card and adds it to the blacklist.
How to use TC40/SAFE against carding:
- Processor Integration: Connect TC40/SAFE through a payment processor (e.g. Adyen, Stripe) to receive data.
- Trend Analysis: Use data to identify carding patterns (e.g. repeated attempts from the same card).
- Proactive measures: Block suspicious cards/accounts before delivery of goods.
- Combination with alerts: Use TC40/SAFE together with Ethoca or Verifi to prevent chargebacks in real time.
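The trend-analysis and proactive-blocking steps above, sketched as an added example that is not part of the original page. The record layout is an assumption (real TC40/SAFE exports differ per processor), the data is constructed, and the fraud-to-sales ratio is computed by amount against the 0.9% figure quoted in the text.

```python
from collections import Counter

FRAUD_RATIO_LIMIT = 0.009   # the 0.9% threshold quoted in the text

# Constructed sample data; field names are hypothetical.
FRAUD_REPORTS = [
    {"txn_id": "T1001", "card_token": "tok_a", "amount": 120.0, "reason": "unauthorized"},
    {"txn_id": "T1007", "card_token": "tok_a", "amount": 80.0, "reason": "unauthorized"},
    {"txn_id": "T1012", "card_token": "tok_c", "amount": 300.0, "reason": "unauthorized"},
]
ORDERS = [
    {"txn_id": "T1001", "card_token": "tok_a", "account": "u1", "shipped": True},
    {"txn_id": "T1007", "card_token": "tok_a", "account": "u1", "shipped": True},
    {"txn_id": "T1012", "card_token": "tok_c", "account": "u3", "shipped": False},
    {"txn_id": "T1020", "card_token": "tok_a", "account": "u9", "shipped": False},
    {"txn_id": "T1021", "card_token": "tok_d", "account": "u4", "shipped": False},
]

def triage(reports, orders, total_sales):
    """Turn issuer fraud reports into actions on the merchant's own order book."""
    reported_txns = {r["txn_id"] for r in reports}
    per_card = Counter(r["card_token"] for r in reports)
    bad_cards = set(per_card)
    # Accounts that placed a reported transaction are blocked for further orders.
    bad_accounts = {o["account"] for o in orders if o["txn_id"] in reported_txns}
    # Unshipped orders tied to a reported card or account can still be stopped.
    hold = sorted(o["txn_id"] for o in orders
                  if not o["shipped"]
                  and (o["card_token"] in bad_cards or o["account"] in bad_accounts))
    # Cards reported more than once point at repeated use of the same stolen card.
    repeat_cards = sorted(c for c, n in per_card.items() if n > 1)
    ratio = sum(r["amount"] for r in reports) / total_sales
    return {"hold": hold, "block_accounts": sorted(bad_accounts),
            "repeat_cards": repeat_cards, "fraud_ratio": ratio,
            "over_limit": ratio > FRAUD_RATIO_LIMIT}
```

Because the reports arrive days or weeks late, most matched orders will already have shipped; the value lies in the few still open and in the card and account blocks carried forward.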
TC40/SAFE limitations:
- Does not cover friendly fraud, which makes up the majority of chargebacks.
- Only about 25% of fraud claims in these systems result in a chargeback.
- They require integration and analysis, which can be expensive for small businesses.
Practical recommendations for small and medium businesses
- Choosing a payment processor: Use Stripe, PayPal, or Square, which offer built-in anti-fraud tools (such as Stripe Radar).
- Low-cost solutions: If access to TC40/SAFE is limited, use free or low-cost services such as FraudLabs Pro or Signifyd.
- Team Training: Regularly train employees to recognize signs of carding (e.g., orders from suspicious email domains like @tempmail.com).
- Legal protection: Include a fraud clause in your user agreement to provide a legal basis for combating friendly fraud.