opinion

How to Navigate Visa's Updated Dispute Rules

How to Navigate Visa's Updated Dispute Rules

The global pandemic with which I share a name catalyzed a sizeable shift in the digital movement of money. According to Visa, annual ecommerce growth was 20% and person-to-person payments grew to $378 billion in 2021. From a significant increase in electronic commerce to brick-and-mortar businesses switching to cashless payments, every aspect of commerce has seen a rise in the demand for electronic payment options — as well as an increase in disputes/chargebacks.

Identifying trusted customers is vital to safeguarding payments. A few effective options are available to secure authorization request communications between a merchant and issuing bank, including 3-D Secure, which is compulsory by statute for businesses with a merchant account issued by a European acquirer. Digital wallets and tokenization of Payment Account Numbers (PAN) on the gateway are two other options that work to safeguard cardholder data and maintain the integrity of the payments network.

When it comes to dispute responses, the more information you can provide in support of the validity of your sale, the better chance you have of winning that dispute.

Visa has made enhancements to the data exchange to support and promote the security of the authorization request message. These enhancements include modifying the dispute rules and creating a card-not-present dispute remedy.

Effective April 15, 2023, disputes that fall under Dispute Condition 10.4 or Dispute Condition 13.2 may be remedied as follows:

Dispute Condition 10.4 - Other Fraud - Card-Absent Environment

These disputes can be remedied by providing evidence of all the following: merchandise or services were provided; the same PAN listed in the dispute was used in at least two previous transactions not reported as fraud by the customer and processed more than 120 days before the dispute processing date; the device ID, device fingerprint or IP address — plus one or more of the following for both disputed and undisputed transaction(s) as described above: customer account/login ID, delivery address for physical products, device ID or device fingerprint, IP address.

As long as you, the merchant, can provide any combination of the items listed above, with at least one being the device ID, device fingerprint or IP address, the issuing bank will not be allowed to continue the dispute.

For example, let’s say you run a membership site, and you have a member who signed up in June 2022. Now it’s December 2022, and he just noticed that he’s been charged $24.95 per month for the last seven months. He forgot to cancel his membership, but instead of calling you, he calls his credit card company and tells them, “It wasn’t me.” The credit card company will issue a dispute under dispute condition 10.4, and you will receive a chargeback.

From here, effective April 15, all you’ll need to do is log into your customer relationship manager software and provide the information listed above. Of course, the more information you provide, the better — especially if the information from the older transaction is identical to the information on the disputed transaction.

If you can prove that this cardholder signed up with you at least four months before the date of the dispute in question and has not disputed the older transactions, the issuing bank cannot proceed with the dispute.

Dispute Condition 13.2 - Canceled Recurring Transaction

This is when a cardholder notifies their bank that they attempted or requested to cancel their subscription but were billed the following month anyway. We’ve all seen those. Mysteriously, there is no email chain, support ticket or incoming phone call for this cardholder anywhere to be found. Visa has seen an increase in this practice over the last two years, too.

Effective April 15, the issuer will be required to provide the details of when and how the cardholder contacted the subscription service to cancel their membership. This requirement will help tremendously with the misuse of Dispute Condition 13.2 and align it closer to its original intention.

Disputes that are processed on or after April 15 under Condition Code 13.2 must include the following information from the issuing bank: certification that the cardholder withdrew permission for membership renewals to be charged to their card, the date the cardholder withdrew authorization and the specific method the cardholder used to contact the merchant, such as an email address, telephone number or physical address.

If the cardholder or issuing bank cannot provide this information, the dispute cannot proceed.

It’s not often that the card brands do something supportive of merchants, but this is a step in the right direction. However, just because these particular rules have changed in the merchant’s favor doesn’t mean we should be less vigilant or relax our standards. The data retention timeframe is defined as 120 days, but I still recommend holding onto all the specifics of a transaction, such as IP address, device ID, username and password, etc., for a minimum of 180 days. When it comes to dispute responses, the more information you can provide in support of the validity of your sale, the better your chance of winning that dispute.

Another excellent tool is a suite of chargeback prevention systems that are easily integrated and operate in the background of your business. Order Insight, for example, provides a real-time description of what was purchased to the issuing bank and cardholder.

This API-driven system can stop a dispute before it even gets started, and we’ve seen tremendous success with it.

Jonathan Corona has two decades of experience in the electronic payments processing industry. As chief operating officer of MobiusPay, Corona is primarily responsible for day-to-day operations as well as reviewing and advising merchants on a multitude of compliance standards mandated by the card associations, including, but not limited to, maintaining a working knowledge of BRAM guidelines and chargeback compliance rules defined in both Visa and Mastercard operating regulations.

Related:  

Copyright © 2024 Adnet Media. All Rights Reserved. XBIZ is a trademark of Adnet Media.
Reproduction in whole or in part in any form or medium without express written permission is prohibited.

More Articles

opinion

Best Practices for Payment Gateway Security

Securing digital payment transactions is critical for all businesses, but especially those in high-risk industries. Payment gateways are a core component of the digital payment ecosystem, and therefore must follow best practices to keep customer data safe.

Jonathan Corona ·
opinion

Ready for New Visa Acquirer Changes?

Next spring, Visa will roll out the U.S. version of its new Visa Acquirer Monitoring Program (VAMP), which goes into effect April 1, 2025. This follows Visa Europe, which rolled out VAMP back in June. VAMP charts a new path for acquirers to manage fraud and chargeback ratios.

Cathy Beardsley ·
opinion

How to Halt Hackers as Fraud Attacks Rise

For hackers, it’s often a game of trial and error. Bad actors will perform enumeration and account testing, repeating the same test on a system to look for vulnerabilities — and if you are not equipped with the proper tools, your merchant account could be the next target.

Cathy Beardsley ·
profile

VerifyMy Seeks to Provide Frictionless Online Safety, Compliance Solutions

Before founding VerifyMy, Ryan Shaw was simply looking for an age verification solution for his previous business. The ones he found, however, were too expensive, too difficult to integrate with, or failed to take into account the needs of either the businesses implementing them or the end users who would be required to interact with them.

Alejandro Freixes ·
opinion

How Adult Website Operators Can Cash in on the 'Interchange' Class Action

The Payment Card Interchange Fee Settlement resulted from a landmark antitrust lawsuit involving Visa, Mastercard and several major banks. The case centered around the interchange fees charged to merchants for processing credit and debit card transactions. These fees are set by card networks and are paid by merchants to the banks that issue the cards.

Jonathan Corona ·
opinion

It's Time to Rock the Vote and Make Your Voice Heard

When I worked to defeat California’s Proposition 60 in 2016, our opposition campaign was outspent nearly 10 to 1. Nevertheless, our community came together and garnered enough support and awareness to defeat that harmful, misguided piece of proposed legislation — by more than a million votes.

Siouxsie Q ·
opinion

Staying Compliant to Avoid the Takedown Shakedown

Dealing with complaints is an everyday part of doing business — and a crucial one, since not dealing with them properly can haunt your business in multiple ways. Card brand regulations require every merchant doing business online to have in place a complaint process for reporting content that may be illegal or that violates the card brand rules.

Cathy Beardsley ·
profile

WIA Profile: Patricia Ucros

Born in Bogota, Colombia, Ucros graduated from college with a degree in education. She spent three years teaching third grade, which she enjoyed a lot, before heeding her father’s advice and moving to South Florida.

Women In Adult ·
opinion

Creating Payment Redundancies to Maximize Payout Uptime

During the global CrowdStrike outage that took place toward the end of July, a flawed software update brought air travel and electronic commerce to a grinding halt worldwide. This dramatically underscores the importance of having a backup plan in place for critical infrastructure.

Jonathan Corona ·
opinion

The Need for Minimal Friction in Age Verification Technology

In the adult sector, robust age assurance, comprised of age verification and age estimation methods, is critical to ensuring legal compliance with ever-evolving regulations, safeguarding minors from inappropriate content and protecting the privacy of adults wishing to view adult content.

Gavin Worrall ·
Show More