4871: Chip/PIN Liability Shift

That change in liability is what makes 4871 worth understanding. Merchants who process chip-capable cards without chip-reading terminals, or who see fallback transactions, can find themselves absorbing losses that would otherwise have been covered by the card issuer. The amounts can vary from a single modest purchase to a pattern of fraudulent transactions that adds up faster - and disputing these chargebacks without the right documentation is an uphill battle.

The sections ahead break down how reason code 4871 works, what triggers it, what your options are if you receive one, and how to cut back on your exposure going forward.

What Mastercard Reason Code 4871 Actually Covers

Reason code 4871 has an official name: Chip/PIN Liability Shift - Lost/Stolen/Never Received Issue (NRI) Fraud. That name tells you quite a bit - this code applies when a fraudster uses a lost, stolen, or intercepted card to make a purchase in person - and the merchant didn’t process the transaction with chip and PIN technology.

The “liability shift” part is worth unpacking. Mastercard’s network rules place responsibility on whichever party in a transaction has the weaker technology. So if a card has a chip but the merchant’s terminal couldn’t read it - or didn’t require a PIN - and fraud happens, the financial hit moves from the card issuer to the merchant.

Mastercard created this rule to push the payments industry toward more secure infrastructure. When both sides of a transaction use chip technology correctly, fraud can become much harder to pull off. The liability framework gives merchants a strong financial reason to upgrade their systems and stay compliant.

It’s also worth learning about how 4871 is different from its close relative, reason code 4870. Both deal with chip/PIN liability, but they’re not the same situation. The important difference depends on whether the cardholder was physically present during the transaction.

With 4870, the legitimate cardholder is actually there at the point of sale. With 4871, someone else is using the card - without the actual cardholder’s knowledge. That distinction matters because it shapes the type of fraud involved and how the chargeback dispute gets handled.

Code 4871 is exclusively an in-person, card-present situation - it doesn’t apply to online transactions or card-not-present scenarios, which fall under different rules entirely.

How the Chip/PIN Liability Shift Falls on Merchants

Before chip card laws came into effect, fraud liability on counterfeit card transactions usually fell on the card issuer - the bank. That changed when Mastercard introduced its chip card compliance laws. Now, if a fraudulent transaction happens at your terminal and you weren’t processing chip cards correctly, that liability moves to you.

The important word here is “non-compliant.” A merchant is considered non-compliant when their payment terminal doesn’t support chip card processing or when a chip card gets processed as a magnetic stripe swipe instead. That second one trips up businesses. The terminal could be technically capable of reading chips, but if the customer swiped instead and the merchant didn’t prompt them to insert, that can still count against you.

That’s where it gets frustrating for small business owners. You may have a working terminal on your counter, but one transaction processed the wrong way is enough to push liability onto your plate. You didn’t intend for anything wrong - the laws just weren’t on your radar.

The logic behind the rule makes sense from a network perspective. Chip cards generate a transaction code for every purchase, which makes them much harder to counterfeit. If a merchant gives customers a way to bypass that protection by accepting a swipe, they’ve removed the security layer that would have caught the fraud. So Mastercard holds the merchant responsible for any loss that results.

What makes this especially hard to accept is that the fraud itself was committed by someone else. The merchant didn’t steal anything and didn’t benefit from the transaction. But because the chip process wasn’t followed, the chargeback lands in their lap regardless of intent.

For bigger retailers with dedicated IT teams, terminal compliance is routine. For a small shop owner wearing five hats at once, it’s a different story. Equipment updates, software configurations, and payment processor requirements aren’t always communicated in plain language, and it’s easy to fall behind without realizing it.

Mastercard’s laws don’t make exceptions based on business size or awareness. Non-compliance is measured by what happened at the point of sale - not by what the merchant understood about the laws at the time.

The Timeline Every Merchant Needs to Know

Deadlines in the chargeback process are not suggestions. Missing one by even a day can cost you a dispute you would have otherwise won, so it pays to know when the clock starts and how long each party has to act.

An issuing bank has 120 days from the transaction processing date to file a chargeback. That window sounds generous, but it can pass faster if you are not actively watching your account for incoming disputes. The processing date is what matters here - not the date the customer complained or the date the fraud was flagged.

Once a chargeback lands, your acquirer gets 45 days to send a second presentment - also called a re-presentment - on your behalf. This is the formal response that puts your evidence in front of the issuer. If your acquirer misses that 45-day window, your dispute is dead regardless of how strong your case is.

To put this in context, PIN-based fraud losses run at roughly 0.035% - an extremely low rate that reflects how well chip and PIN technology works in practice. The chargeback process exists exactly because that protection breaks down when a merchant does not have the hardware to support it.

The helpful takeaway is that you need a system to catch incoming chargebacks fast. Relying on a notification from your processor is not a reliable strategy when 45 days can disappear faster than you expect. Merchants who consistently miss these windows often find themselves classified as excessive chargeback merchants, which carries serious consequences for your account standing.

How to Fight a 4871 Chargeback and Actually Win

Not every 4871 chargeback is worth disputing, but if your terminal was chip-compliant and the card was read by the chip reader, you have a legitimate case to make. The important thing is to learn about what evidence to pull together and get it submitted before the 45-day response window closes.

Your strongest piece of evidence is proof that the chip was read during the transaction. Transaction logs that show an integrated circuit card (ICC) read - not a magnetic stripe fallback - tell the card network that your equipment did what it was supposed to. Pair that with your terminal compliance records to show the device was certified and active at the time of the sale.

Authorization data matters too. A full authorization response with the correct approval code shows the transaction was processed through the proper channel. If you have it, include any cryptogram data generated during the chip read - this is the technical detail that strengthens a re-presentment considerably.

What Tends to Sink a Dispute

The most common reason merchants lose a winnable case is a missed deadline. Forty-five days is plenty, but it goes fast when a business is busy. Put a reminder in place when you receive a dispute notification.

Incomplete submissions are the other big problem. A receipt alone won’t cut it. The card network needs to see the full picture - terminal logs, authorization records, and compliance documentation together in one submission. A partial file usually causes a lost case, even when the underlying facts support the merchant.

It’s also worth being honest with yourself about when not to fight. If your terminal was on magnetic stripe fallback at the time of the transaction, the liability already sits with you under the 4871 rules and a dispute won’t change that outcome. Time spent on an unwinnable case takes energy away from the disputes you could resolve in your favor.

When the facts are on your side - compliant terminal, chip read confirmed, full authorization documented - submit everything you have and do it early. A well-prepared re-presentment gives you an actual shot at a credit card reversal.

Keep Your Terminals Compliant and Your Chargebacks Low

There are a few helpful steps worth taking to make sure your business is protected:

• Audit your terminals. Confirm that every point-of-sale device is EMV-certified and actively processing chip transactions - not falling back to swipe without cause.
• Train your staff. Employees should know how to guide customers through chip card insertion, recognize when a fallback is occurring, and understand why following the correct flow matters.
• Keep thorough records. Detailed transaction logs, including authentication method used, are your first line of defense if a dispute escalates.

The liability change can seem like an unfair burden placed on merchants, but it finally rewards people who invest in protected, compliant processes. Once the framework clicks, it can become far less scary and far more manageable. Merchants who take the time to get this right are not just reducing chargeback danger - they are building the payment infrastructure that protects their customers and their bottom line at the same time.