What Merchants Need to Know about the Visa Compelling Evidence 3.0 Update - A Solution Provider's Perspective

Member News
Friendly Fraud
Merchant Risk Council
Jun 30, 2022

Major card networks are always taking steps to improve their processes, and this includes modifying the rules on how they handle payment disputes from time to time. Visa recently announced that they will be making some big changes to their dispute process that will take effect in April 2023. Let’s look at these changes and discuss how they will affect merchants.

Why Is Visa Updating Its Chargeback Rules?

In their announcement, Visa provided some data to explain why it felt a change was necessary. For one thing, there’s been a massive increase in online purchases over the last few years. Total card-not-present sales were 51% higher in 2021 than in 2019. This has not been without its downsides, however. There were also 29% more disputes in 2021 than in 2019. According to Visa, 80% of these disputes involve claims of fraud.

False claims of fraud by customers have long been a thorn in the side of e-commerce merchants. While the chargebacks resulting from these claims can be fought with compelling evidence, figuring out what evidence to include and writing an appropriate rebuttal letter is complicated and time-consuming. Merchants who don’t work with a chargeback management company to automate this process often ignore it entirely, accepting chargebacks as a cost of doing business. This leads to a significant loss of revenue.

The increase in disputes is a drain on the resources of issuing banks as well since they’re required to evaluate and decide on each dispute merchants choose to fight. The rising amount of time and money issuers must devote to these cases has been driven not only by the increase in disputes overall but also by the increasing number of businesses that are realizing the value of fighting chargebacks.

According to Visa, the cost of disputes for Issuers exceeded $800 million in 2021. Issuers have been asking Visa to find a way to simplify and streamline the compelling evidence process. Visa has responded by creating Compelling Evidence 3.0.

What Is Visa’s Compelling Evidence 3.0?

Compelling Evidence 3.0 is an update to the rules for handling disputes filed under reason code 10.4, Fraud—Card Absent Environment. Effective April 2023, merchants who can submit evidence fulfilling certain requirements will be able to immediately transfer liability for a dispute to the issuer. This can be done either through Order Insight before a chargeback occurs or through VROL afterward.

The existing Visa chargeback rules allow merchants to submit records of a previous undisputed transaction with matching transaction details. The specific details that must match depend on whether the purchase involved physical goods or digital ones. Upon receiving this information, the issuing bank would ask the cardholder to provide an explanation for why the transaction should still be considered fraudulent despite the matching previous purchase. If the cardholder provides a sufficient explanation, the issuer may choose not to reverse the chargeback.

With CE3.0, Visa’s goal was to create a set of requirements that, if met, would provide sufficient evidence to deny the customer’s claim without further review. When the new rules take effect, merchants will be able to provide records of two previous transactions that meet the following criteria:

  1. The transactions must use the same payment card as the disputing transaction.
  2. The transactions must be more than 120 days old.
  3. The transactions must never have been disputed or flagged as fraudulent.
  4. Two of the core transaction data elements (customer account, IP address, shipping address, and device ID) must match across the two previous transactions and the disputed transaction.
  5. One of the two matching data elements must be either IP address or device ID.

    When a merchant submits the appropriate evidence, liability for the dispute is assigned to the issuer. The standardized format means that both merchants and issuers will be able to spend less time handling this kind of dispute.

    How Does Compelling Evidence 3.0 Work?

    The exact process for CE3.0 will depend on which platform the merchant is using: Order Insight or VROL. Merchants who use Order Insight will be able to submit their evidence in the pre-dispute phase, while VROL can be used once a dispute has occurred.

    When using Order Insight, Visa will automatically identify up to five previous transactions from the same card that are older than 120 days. The merchant can then determine whether they’re able to provide the required matching transaction details. If so, they can submit the evidence. Upon review, liability will be assigned to the issuer. A dispute prevented this way won’t count against a merchant’s fraud ratio or their dispute ratio.

    Merchants who don’t use Order Insight will still be able to take advantage of CE3.0 through VROL. Once the dispute has been filed, the merchant can identify transactions that meet the requirement and work with their acquirer to complete the appropriate form and submit the evidence. VROL will verify the data and assign liability to the issuer. Disputes that are reversed through VROL won’t count against a merchant’s fraud ratio, but will still count toward their dispute ratio.

    After requiring all issuers to get on board with Order Insight in 2022, Visa is now creating a clear incentive for merchants to do the same by creating a more streamlined process for deflecting false fraud claims through the system. Merchants can set up with Order Insight through Visa-owned Verifi or through an authorized reseller like Chargeback Gurus.

    How Will Compelling Evidence 3.0 Affect Merchants?

    Due to the requirement that the undisputed transactions must be at least 120 days old, many e-commerce merchants will have more difficulty meeting the new requirements. And while recurring billing merchants might find it easier to supply older transaction records, they’ll have trouble meeting the other requirements. Since recurring transactions after the first are processed without customer interaction, the merchant wouldn’t be able to supply the IP address or device ID.

    On the other hand, merchants can be assured that the chargeback will be prevented or reversed when they are able to provide this information, and other chargebacks can still be fought with other compelling evidence. Overall, merchants should be able to increase their recovery rate to a certain degree.

    That assumes, of course, that issuers comply with these changes as well. It’s not uncommon for issuers to fail to train their dispute teams on policy changes in a timely manner, effectively delaying the rollout of these changes and causing confusion for merchants.

    In any case, the best way for merchants to get ready for CE3.0 is to make sure they have a system in place to record and store the relevant transaction details in such a way that they can be easily retrieved when needed. For merchants who can take full advantage of the new system where it applies, CE3.0 presents a valuable opportunity to recover revenue.

    About the Author

    Suresh Dakshina is the President and co-founder of Chargeback Gurus. He holds a master’s degree from the University of Southern California and has consulted Fortune 5000 companies for over a decade on chargeback and fraud minimization. Suresh also works closely with card networks such as Visa and American Express on chargeback process optimization and compelling evidence policies. Chargeback Gurus has been helping CNP merchants with fraud and chargeback minimization along with revenue recovery.

    Blue-tinted background of a man watching a webinar

    Host a Webinar with the MRC

    Help the MRC community stay current on relevant fraud, payments, and law enforcement topics.
    Submit a Request

    Publish Your Document with the MRC

    Feature your case studies, surveys, and whitepapers in the MRC Resource Center.
    Submit Your Document

    Related Resources

    There are no related Events

    Mar 08, 2023
    First-Party Fraud: What It Is, and What It Isn’t

    The fraud prevention industry is peppered with hundreds of vendors who mainly solve for third-party identity theft fraud. Some vendors branch out into synthetic fraud, including manipulated or fabricated identities, yet very few vendors tackle first-party fraud. First-party fraud is defined as the use of one’s own identity to open an account and use it to commit a dishonest act for personal or financial gain. It remains an elusive problem because there are no consumer victims in chargebacks, disputes, or overdraft fraud. Moreover, when it comes to the granular semantics of first-party fraud, different opinions start to clout the agreed-upon definition, making it difficult to classify, pinpoint, and ultimately combat these dishonest acts. 

    Join this session to hear from industry experts about: Where do manipulated identity or rewards gaming abuse fall on the spectrum between first-party and synthetic fraud?  How do these categorizations differ by industry? In what ways do our assumptions around these semantics turn into ineffective proxies for first-party fraud?  How can we differentiate between a consumer’s intent to commit a dishonest act, versus a consumer who was manipulated into a dishonest act, versus a consumer making an honest mistake? 

    The key is context. We need to understand a consumer’s act in context of other financial decisions they’ve made across various life stages, across different financial institutions, and across various economic environments. Behavioral anomalies across time and space will serve as better proxies in determining whether a consumer is a true first-party fraudster or whether new socio-economic conditions or happenstance interactions with malicious actors have resulted in a first-party-like occurrence. 

    In order to achieve this level of context, a multi-industry data consortium is required. Consumer transactional behavior can then be analyzed across the financial ecosystem, over time, to correlate actions with true first-party fraud and to promote an ecosystem of trust.

    There are no related Surveys

    Cookies help us improve your website experience.
    By using our website, you agree to our use of cookies.