11.1: Card Recovery Bulletin

The frustrating part is that authorization disputes are largely preventable. They’re not about a customer changing their mind or claiming they never received a product. They’re about a process that broke down somewhere before the sale was even completed - which means with the right systems in place, this situation could have been avoided entirely.

I’ll talk about everything you need to know about reason code 11.1: what the Card Recovery Bulletin actually was, why this chargeback was filed against you, what your options are for responding, and how to make sure it doesn’t happen again. By the end, you’ll have a picture of where things went wrong and a helpful path forward.

What the Card Recovery Bulletin Actually Is

The Card Recovery Bulletin, or CRB, is a list that Visa keeps of cards that should no longer be accepted. These are cards that have been reported as compromised, canceled, or otherwise flagged as a danger to process. When a card lands on that list, merchants are expected to decline it at the point of sale.

The system exists because not every problematic card gets caught in real-time authorization. A card might get canceled after a data breach, or a cardholder may have reported it lost before the transaction went through. The CRB is the backstop for situations where a card needs to be blocked across the network.

Reason code 11.1 comes into play when a merchant processes a transaction on a card that was already listed in the CRB at the time of the sale; it’s the core of the dispute - not that something fraudulent happened after the fact, but that the card was already flagged before the transaction was approved.

The “11” in reason code 11.1 refers to the Authorization category, which is worth spelling out. In 2018, Visa rolled out the Visa Claims Resolution (VCR) initiative, which reorganized how dispute reason codes were structured. The number 11 doesn’t signal fraud - it indicates an authorization failure. Fraud-related disputes live under a different category entirely.

This distinction matters more than it looks. A merchant who sees reason code 11.1 and assumes it’s a fraud claim could respond to the dispute the wrong way. The issue is an authorization breakdown, and the evidence needed to fight it is different from what a fraud dispute would need.

Visa designed the CRB to give issuers and merchants a shared reference point for cards that shouldn’t be in circulation. The list gets updated regularly, and merchants who use outdated terminal software or manual processes can miss those updates. When that happens, a transaction on a flagged card gets through. That’s what opens the door to a reason code 11.1 chargeback.

The whole framework only works if merchants have access to up-to-date card data at the moment of authorization. What happens after that moment - and how quickly things move - is where the timeline matters.

The Dispute Timeline You Need to Know

Timing matters quite a bit with reason code 11.1 chargebacks. A cardholder’s bank has as high as 75 days from the original transaction date to file a dispute under this reason code. That window starts the second the transaction is processed - not when the customer complains.

Once a chargeback is filed, the clock changes for you and your acquirer. The standard response window is 30 days, which shrinks once you factor in how long it can take to even receive the dispute notification. Some processors move faster than others, and that lag can eat into your response time before you even know there’s a problem.

Some processors work on a tighter timeline. Durango, just to give you an example, notes a 20-day response window instead of 30. Check with your payment provider directly to know what you’re working with before a dispute lands in your queue.

Stage	What Happens	Deadline
Transaction Date	The original card-present sale is processed	Day 0
Chargeback Filing Window	The issuing bank can file a reason code 11.1 dispute	Up to 75 days from transaction
Merchant Response Deadline	You or your acquirer must respond to the chargeback	20-30 days from dispute filing

The table above is simple, but the real-world version is messier. Disputes don’t always arrive the day they’re filed, and some acquirers take a few days to pass the notification along to the merchant. By the time you see it, a chunk of your response window may already be gone.

The 75-day filing window also means you can receive a chargeback for a transaction you’ve nearly forgotten about. A sale from two months ago can come back as a dispute, so keeping transaction records well past the point of sale is why it matters for this reason code. Merchants are generally advised to retain transaction records for a minimum period to protect against late disputes.

Why Merchants Get Caught Off Guard by This Chargeback

Most merchants that work with a reason code 11.1 chargeback weren’t being careless on the job. The problem is usually buried somewhere in their authorization process - and it went unnoticed until a dispute landed in their inbox.

High transaction volume is one of the biggest contributors to this. When a business processes hundreds of transactions a day, it can become easy to use automation and assume everything is running correctly. But if a POS system is outdated or misconfigured, it might not be sending an authorization request to the card network at all. The transaction goes through, the customer walks away, and nothing seems wrong until the bank flags it later.

Manual keying errors are another weak point. When a card is keyed in instead of swiped or tapped, there is room for the wrong data to get submitted. A small input mistake can cause the authorization to fail silently - or to not happen at all - and the sale still completes on the merchant’s end.

The Fair Credit Billing Act of 1974 gives cardholders strong protection against unauthorized or improperly processed charges. When a merchant skips an actual authorization check - even accidentally, the cardholder has a legal foundation to dispute the charge. The card networks built reason code 11.1 to enforce that protection, and the liability falls squarely on the merchant.

A single instance of this can seem like an isolated thing. One transaction slips through without a valid authorization, and it’s easy to write it off as a one-time glitch. But if it happened once, the conditions that allowed it are probably still in place.

The more important question to ask is whether this was an isolated error or if your authorization workflow has a gap that’s creating this on a repeating basis. An outdated terminal, a misconfigured payment gateway, or a staff training shortfall can each produce the same result over and over again without anyone finding a pattern.

A single chargeback is a problem. A recurring authorization gap is a much bigger one - and the disputes will keep coming until the root cause gets addressed.

How to Fight a Reason Code 11.1 Chargeback

If you want to dispute this chargeback, your goal is simple: prove the card was not listed on the Card Recovery Bulletin at the time of the transaction. Everything in your response should point back to that single fact.

Start by pulling your authorization records. You want to show an approval code from the issuing bank, the exact timestamp of the transaction, and the card number that was processed. These records set up what your system knew at the second of sale and give the card network something concrete to review.

A transaction log is also worth including - this shows the full sequence of events - the authorization request, the response from the network, and the approval - all with the same date and time. If your payment processor can give you a copy, attach it to your response.

The strongest evidence you can submit is documentation that confirms the card was not flagged at the time of purchase. Some processors will include this in the authorization response data, so it’s worth checking what your records actually have before filing anything. It’s also worth knowing how credit card retrieval requests fit into this process, since they sometimes precede a formal chargeback.

Strong Evidence	Weak Evidence
Authorization approval code with timestamp	A receipt without authorization details
Full transaction log from your processor	A written description of what happened
Processor confirmation the card was not on the CRB	Proof of delivery or customer communication
Network response data showing a clean approval	Screenshots of the order without backend data

Be honest with yourself before you submit anything. If the card was on the bulletin and your system processed the transaction anyway, winning a dispute is very hard. The liability rules for 11.1 are strict, and card networks don’t have much flexibility once a CRB violation is confirmed. If you issued a partial refund before the chargeback arrived, that situation comes with its own complications - read up on what happens when a customer disputes after a partial refund to understand where you stand.

The response window deadline is an absolute must. Miss it and the chargeback stands regardless of what your evidence shows. Pull your deadlines from your processor dashboard as soon as a dispute lands in your queue.

Stop the Next 11.1 Before It Starts

Before anything else, check your processor’s documentation for the exact response window with your 11.1 dispute. Deadlines vary, and missing one - even with good evidence - closes the door on recovery. That single administrative step is the most time-sensitive thing you can do right.

Authorization checks are like locking up at the end of the night - not a burden, just part of responsible business. The systems are already there to protect you, and steady use is what prevents a one-time chargeback from becoming a pattern. Learning more about chargeback representment can also help you respond effectively if a dispute does slip through.