10.2: EMV Liability Shift Non-Counterfeit Fraud

Merchants who do that suddenly become responsible for the entire cost of any fraudulent transactions that pass through their system and on top of that they’re also stuck with covering the processing fees that come with those transactions. Merchants have to pay for these costs when they either skip EMV protocols altogether or don’t set them up correctly. Everything can depend on the technical compliance with chip-and-PIN laws and the card networks are serious about this – they want merchants to follow these laws and they enforce them pretty aggressively.

I see these problems affect merchants far more than they should. Most of these chargebacks are completely preventable.

How It Works

A customer walks up and hands you their chip card. Processing the payment the old-fashioned way actually puts you in a pretty risky place. Maybe you swipe the card because the magnetic stripe reader seems faster. Maybe you manually type in the card number because your chip reader has been acting up every day this week. Or maybe you skip asking for their PIN even though the card calls for one. These shortcuts probably feel pretty harmless – and they’re just saving you maybe ten or fifteen seconds per transaction. Most business owners have no clue that these minor time-savers can actually cost them actual money down the road.

Later on, the same customer calls their bank and claims that they never made the charge. They pull up the transaction info and see that something important is missing. Your authorization message doesn’t have the chip data that comes with every chip card transaction.

Liability laws about who pays for the loss kick in right here. Under normal circumstances, the bank that issued the card would absorb the loss from fraud. Processing a chip card without actually reading the chip makes Visa flip the script completely. They move the responsibility for the fraudulent charge directly onto you instead of the bank.

Remember that this liability switch only happens under certain conditions. It has to be either lost, stolen or for a sale that was never received by the customer in the first place. And it needs to have an EMV chip in it. You’re responsible for the entire fraudulent charge if all these conditions line up and you didn’t use the chip reader.

How it Affects Chargeback Prevention

Code 10.2 chargebacks leave you without options. These chargebacks are almost impossible to win if you didn’t use the EMV technology for that transaction. Without proof that you actually read the chip during the sale you’re out of luck.

EMV compliance can become your best protection against fraud liability. Process transactions with the chip readers and the fraud liability moves back to the card issuer. That’s how the whole system used to work before the EMV technology showed up. That’s how it works lately – if you follow the laws.

Chargebacks create a financial mess that most business owners never see coming. These disputes don’t just cost you the original transaction amount – the payment processor also hits you with extra fees that usually run anywhere from $15 to $100 per incident. These fees add up fast and they’re set in stone even if you win the dispute. A single chargeback on a big-ticket item can erase your entire day’s profit margin, sometimes even more if you’re already working on thin margins.

Code 10.2 chargebacks are probably the most frustrating disputes that merchants run into and the main reason is how few options you have to fight them. Most other chargeback types at least give you a decent shot at winning – you can gather your transaction records and customer signatures and build a case that actually has some chance to succeed. Code 10.2 chargebacks make your well-organized documentation completely worthless if you didn’t process the transaction through the chip reader. Your pile of receipts and perfect customer signatures won’t help you at this point.

At least this danger stays within your control. Every time you upgrade a terminal or train your staff to always insert chip cards you lower the chargeback exposure. It’s one of the few areas where better technology starts protecting your revenue.

Example Scenarios

A thief uses a stolen chip card at your old magnetic stripe terminal and you’re liable for the entire transaction. A customer walks in and buys $500 worth of electronics with that stolen card. Later on, the actual cardholder disputes the charge and Visa checks what type of terminal you ran it on. You didn’t process it with EMV technology so the whole $500 loss lands on you.

Sometimes the actual issue isn’t even your equipment – it’s how your staff runs the transactions. A customer’s chip card won’t read after three tries so your cashier decides to just type in the card number instead of asking the customer to swipe the magnetic stripe. That choice to type it in just moved the liability over to you – even though you have a working EMV terminal right there.

Friday afternoon rushes always have plenty of challenges and this particular day was no different. A European customer comes up to your register and hands you their chip-and-PIN card. You run it through the terminal and the screen asks for a signature instead of a PIN.

Two weeks later, a chargeback letter from the bank shows up in your inbox. It explains what went wrong – this particular card type needed PIN verification, not the signature verification that your terminal defaulted to. Sadly your reasoning at the time doesn’t matter anymore – you wind up paying for that entire $200 sale because you skipped the PIN verification step that was actually needed. Retail fraud like this happens all the time – day in and day out at stores all across the country.

Business owners need to worry about how fast that one fraudulent transaction can turn into a big financial problem. These aren’t small losses either. These situations can very quickly cost hundreds or even thousands of dollars. That’s especially true once the liability gets moved right back to the business. There’s only a short window to catch these red flags. That makes timing critical for finding and stopping a suspicious transaction.

Requirements and Timeframes

A10.2 chargeback lands on your desk and time quickly turns into your biggest enemy. Visa gives you a straight 30 days to pull together the evidence and make your case. Let that deadline slip by and the dispute is over before it even begins – there’s basically no way to appeal or get a second chance.

Fight back against a 10.2 chargeback and you have only two options. You can either prove that you processed the original transaction with an EMV chip reader or you can show the paperwork that you’ve already issued a refund to the customer. You literally have only these two ways to win this dispute.

Your evidence package has to be solid to have any chance of success. Going the EMV-compliance path means you’ll need transaction data that plainly shows the chip authentication took place – your authorization logs have to be complete and ready to grab at any time. Choosing the refund path instead requires a refund receipt with amounts and dates that line up.

Visa law changes in June 2024 already made laws harder for payment processing businesses. Last month – even stricter record-keeping laws came into effect. Most merchants lose these disputes more often than not and the culprit’s nearly always the same – they just can’t find the records when they need them most. They’re busy digging through stacks of files and folders as that 30-day deadline quietly slips right past.

Keeping all your transaction data organized in a way that actually makes sense lets you put your hands on what you need without any fuss at all. Make sure those authorization replies and EMV compliance indicators are stored somewhere you can actually reach them instead of turning your entire office upside down just to find a single document.