• Mobile payments technologies and the impact on issuers and merchants
• Tokenization
• Payments authentication using mobile devices
• Integration of the mobile wallet “Pays” at the POS
• EMVCo Payment Account Reference (PAR)

Chip Liability Shifts and Chargeback Codes
In connection with the migration to EMV in the U.S. and implementation of payment network counterfeit and lost/stolen fraud liability shifts, chargeback reason codes were established for counterfeit, and lost/stolen EMV chip card transactions covered by those chip liability shifts (CLS) (“CLS chargebacks”).

These new chargeback reason codes are because the U.S. is not 100 percent chip enabled. To help ensure that purported CLS chargebacks are valid, network requirements exist that issuers must meet and networks should monitor chargeback activity for validity. There are other steps that issuers, acquirers and merchants can take, which in turn will help minimize the number of chargebacks opened.

Issuer Authorization Best Practices for Authorization

Magnetic Stripe Cards at any Terminal
If an issuer has not yet issued chip cards, or has begun but has not completely replaced all magnetic stripe cards with chip cards, they are strongly encouraged to continue to follow the risk management protocols in place today, as well as use the risk management tools available to detect and decide whether to decline high risk transactions. As with all magnetic stripe transactions the card security code on the magnetic stripe should be checked and validated, since the card security code ⁵ prevents fraudsters from altering values such as the expiration date on the card.

Chip Cards at a Magnetic Stripe Terminal
If an issuer has distributed chip cards, those cards will still be used at merchants who have not yet migrated to chip. Issuers are strongly encouraged to continue to follow the risk management protocols in place for magnetic stripe cards, as well as use the risk management tools available to them to detect and decide whether to decline high risk transactions. Once again, issuers should check and validate the service code on the chip card and the transaction type. In this case, however, they should decline chip card transactions with any service code starting with a number other than 2 or 6.

Chip Cards at Chip Terminals
If an issuer has distributed chip cards, and the card is used at a successfully certified EMV-capable terminal, issuers may wish to consider adjusting their risk protocols, since there is a high degree of certainty that the transaction is genuine if processed as a chip-on-chip transaction.

Merchant Best Practices for Obtaining an Authorization Response and Avoiding CLS Chargebacks

Merchants Who Are Not Yet Chip-Enabled
While the best defense against counterfeit fraud is to implement EMV chip technology, there are some best practices that merchants can implement to help reduce fraud for point-of-sale (POS) transactions before migrating to EMV.

• Read and compare verification
• Check cardholder’s ID, if necessary
• Perform velocity checks
• Establish a strategy for transactions that could involve counterfeit
• Implement PIN prompting for debit transactions

• Scrutinize fallback transactions
• Certify for online and offline PIN for both credit and debit
• Maintain data quality across authorization and settlement messages

Merchant and Acquirer Best Practices for Disputing and Mitigating CLS Chargebacks
There are a number of valid reasons an acquirer or merchant may re-present a CLS chargeback, including: invalid documentation, incorrect service code, identification of the transaction as AFD or contactless, and other data that indicates that the transaction was valid. In any dispute, the authorization information, not the clearing information, for each individual transaction will help determine the validity of the reported CLS chargeback.

Network Differences for Lost/Stolen CLS Chargebacks
For networks that do not support lost/stolen liability shift, only counterfeit fraud may be charged back. For networks that do support lost/stolen liability shift, the cardholder must indicate the sale resulted from a lost/stolen, PIN-preferring card in order to issue a CLS chargeback for lost/stolen fraud and shift liability to the merchant. In addition, PIN (online or offline) must be higher priority than signature on the PIN-preferring chip card’s Cardholder Verification Method (CVM) list and the merchant terminal did not have the ability to support PIN or did not have a working PIN pad at the time of the transaction.

Conclusion
The issues surrounding liability shift, chargebacks and re-presentments are somewhat complex, but all hinge on the authorization process and data integrity. Most acquirer/merchant disputes of chargebacks are resolved between the issuer and acquirer/merchant. Where agreement cannot be reached, the final resolution rests with the network responsible for processing the transaction.
As issuer and merchant chip implementations become more robust and data quality improves, the occurrence of invalid CLS chargebacks is expected to decrease. More importantly, as the U.S. EMV migration progresses, the number of card-present disputes is expected to drop off as counterfeit fraud is reduced by EMV implementation. This is the ultimate goal of the U.S. migration to EMV and one on which issuers, merchants, networks and acquirers can all agree.

References
[1] “Global Card Fraud Damages Reach $16B,” PYMNTS.com, August 6, 2015, http://www.pymnts.com/news/2015/global-card-fraud-damages-reach-16b/
[2] “Card fraud figures,” UK Cards Association, http://www.theukcardsassociation.org.uk/plastic_fraud_figures/
[3] “Credit Card Fraud and Interac Debit Card Statistics – Canadian Issued Cards,” Canadian Bankers Association, July 2015, http://www.cba.ca/contents/files/statistics/stat_creditcardfraud_en.pdf
[4] “Understanding the 2015 U.S. Fraud Liability Shifts,” Version 1.0, EMV Migration Forum white paper, May 2015, http://www.emv-connection.com/understanding-the-2015-u-s-fraud-liability-shifts/
[5] Card security code examples: CSC, CID, CVC or CVC2, CVV or CVV2, PCSC

About this Article
This article is an extract from the white paper, “EMV Chargeback Best Practices,” published by the EMV Migration Forum (now the U.S. Payments Forum) in June 2016.

• The Forum published a new white paper and hosted a successful webinar on EMV Chargeback Best Practices. The white paper and webinar discuss the appropriate treatment and mitigation of both counterfeit and lost/stolen chip liability shift chargebacks occurring after the liability shift dates for contact chip cards used in attended transactions. Both the white paper and webinar recording are available on the EMV Connection web site
• The Card-Not-Present (CNP) Fraud Working Committee updated the white paper, Near-Term Solutions to Address the Growing Threat of Card-Not-Present Fraud, with two new appendices. The appendices provide industry definitions of CNP, related industry terms and high-level use cases and add a comparison of 3D-Secure Version 1.0.2 and Version 2.0
• The Forum published an update to the Minimum EMV Chip Card and Terminal Requirements – U.S. matrix. The matrix includes the minimum card and terminal EMV requirements for the U.S. payment networks American Express, Armed Forces Financial Network (AFFN), China UnionPay, Discover, Jeanie, MasterCard, NYCE, PULSE, SHAZAM, STAR and Visa, in the context of the U.S. electronic payments marketplace and the October 2015 liability shifts. The July 2016 Version 2 update includes changes to incorporate requirements for the recently announced faster EMV solutions (i.e., Quick Chip and M/Chip Express) from American Express, Discover, MasterCard and Visa
• The Smart Card Alliance Payments Council published the white paper, Contactless EMV Payments: Benefits for Consumers, Merchants and Issuers, and is hosting two webinars on the topic. The merchant-focused webinar is on Thursday, October 6, at 1pm ET/10am PT, and will focus on merchant opportunities and implementation considerations; a second issuer-focused webinar will be held on Wednesday, November 9, at 1pm ET/10am PT

• The ATM Working Committee hosted the “Implementing EMV at the ATM Workshop” on September 19, their first session in an ongoing series of workshops designed to educate credit unions, community banks and independent providers about the transition to EMV at the ATM. The workshops target stakeholders that are not currently members of the U.S. Payments Forum in the local regions surrounding Forum events
• As part of the workshop series mentioned above, the ATM Working Committee has coordinated with the National ATM Council (NAC) to present their next session of the “Implementing EMV at the ATM” workshop at the NAC2016 Conference & Expo on October 19 in Lake Buena Vista, Florida

• The Card-Not-Present Working Committee finalized two updates to the “Near-Term Solutions to Address the Growing Threat of Card-Not-Present Fraud” white paper. The updates include a definition of card-not-present fraud and a comparison of the latest release of 3D-Secure v2.0 with the first version. Both updates have been added as appendices to the white paper

• On June 17, 2016, the Communications & Education Working Committee hosted the “Best Practices for EMV Instant Issuance” webinar to supplement their white paper on the same content: “Implementing EMV in the U.S.: Best Practices in Support of EMV Instant Issuance.” The webinar was a great success and offered stakeholders an overview of the project phase for implementing an EMV instant issuance solution

• ALDI
• ATMequipment.com
• Federal Reserve Bank of Atlanta - Retail Payments Risk Forum
• PAX Technology Inc.
• Reef Karson Consulting, LLC