3D Secure Liability Shift
Prepaid cards do not receive a liability shift.
Mastercard
Mastercard 4837: No Cardholder Authorization
A liability shift applies, which prevents issuers from opening chargebacks with reason code 4837 for transactions properly authenticated and identified through 3DS.
The liability shift applies to the following ECI values:
- ECI 01: Attempted
- ECI 02: Authenticated
The Mastercard fraud chargeback liability shift does not apply if the ECI is 00.
Visa
Visa 10.4: Other Fraud – Card-Absent Environment
The liability shift applies to the following ECI values (provided that the transaction does not meet any of the criteria for exclusions listed in the table below):
- ECI 05: Authenticated
- ECI 06: Attempted
The Visa fraud chargeback liability shift provided with 3DS does not apply under the following conditions:
Scope | Restriction | ECI | Description |
|---|---|---|---|
Global | 07 | Liability shift does not apply | |
Global | Any | An Electronic Commerce Transaction in which the Issuer responded to an Authentication Request with either:
| |
Global | 05 or 06 | Merchants will receive a CAVV for authenticated and attempted authentication transactions which they must provide in the authorization message. For ECI 05 or ECI 06 transactions where a CAVV was not received in authorization, the ECI will be reclassified to ECI 07. | |
Global | Non-Reloadable Prepaid | 06 | Non-reloadable Visa prepaid cards are not required to participate in the Visa Secure program, but issuers may elect to participate. |
Global | Visa Fraud Monitoring Program | 05 or 06 | Merchants are not protected if they have been identified in the program. |
U.S. | Visa 3-D Secure Fraud Monitoring Program | 05 or 06 | Merchants are not protected if they have been identified in the program. |
U.S | Merchant Restricted Merchant Category Codes (MCCs) | 05 or 06 | Merchants are not protected if their MCC is one of the following: |
Other Resources
Updated 7 days ago