On the 30th of June VISA hosted a webinar on the changes that CE3.0 (Compelling Evidence 3.0) will bring to fraud-related disputes. The following is a summary of the main points explained. All in all, the new rules spell good news for merchants.
VISA explained the intense increase in Card-Not-Present (CNP) transactions since the Covid pandemic (51% between 2019 and 2021), which also led to a 29% increase in related disputes. While up to 80% of CNP disputes are related to fraud, it makes sense to improve the process by which those disputes are managed.
As per VISA, the new approach behind CE3.0 is based on three key pillars:
- Structured merchant data, so Issuers can more effectively assess the validity of a dispute,
- New rules for a streamlined adjudication of the fraud transaction
- Implementation through integration to deliver the data from the merchant to the Issuer (either pre-dispute or post-dispute)
VISA aims for the Merchant to show a clear relationship between the Cardholder and the Merchant. That is to get accomplished by new criteria on the evidence to be supplied by the Merchant to confront a dispute:
- The Merchant shall provide at least two transactions on the same payment method that were settled at least 120 days prior to the dispute date. Each must be non-disputed and non-fraud,
- VISA defines four core transaction data elements: user ID, IP address, shipping address, and device ID.
- At least 2 of the above core data elements must match between the provided previous transactions and disputed transactions,
- One of the two must be either an IP address or device ID.
Changes to dispute liability
The new rule (compared to the current one) is stricter in terms of the minimum number of prior (undisputed) transactions to be sent (from 1+ to 2+), and the age of those undisputed previous transactions (from any to 120+ days prior to the dispute date). On the other hand, the new rule is more permissive in terms of the number of core transaction data elements to be provided from the Merchant to the Issuer (from 4 to 2+)
However, the most meaningful change is on dispute liability. As per the current rule, even though the merchant submitted all required core data elements, the disputed liability would remain on the acquirer. Should the customer submit a valid explanation for maintaining the dispute, that would be the case.
The new rule will change that, making the Issuer liable for the dispute once the Merchant has met all required CE3.0 criteria. That will mean an important change, enabling honest merchants to confront a higher number of disputes, including those arising from friendly fraud.
Giving the merchant more dispute options
Merchants will have the option to submit compelling evidence as per CE3.0 both at the pre-dispute stage and at the post-dispute. CE3.0 at pre-dispute will mostly work through VISA-Verifi's Order Insight. In this case, VISA would assist the Merchant in pre-selecting up to 5 disputes meeting the CE3.0 criteria. Success in the pre-dispute stage would mean chargeback can be deflected and fraud reversed.
If the merchants chooses the post-dispute route, it would be up to the Merchant and its acquirer/payment processor to gather all requirements to confront disputes as per the CE3.0 criteria. Success in the post-dispute stage would mean fraud can be reversed, but chargeback will not be deflected.
The CE3.0 will start applying in April 2023. Merchants have until then to familiarize themselves with and prepare to implement the CE3.0 requirements. This is certainly a good opportunity for merchants to improve their authorization rates while getting more accurate fraud rates and providing a better consumer experience overall.
More about how PayXpert can optimise sales for merchants.