Maximise small business revenue with digital payment solutions
This Chargebacks and disputes guide is applicable to both card-present and card-not-present transactions (ie. MOTO & eCommerce) and encompasses the schemes we offer such as American Express, eftpos, Mastercard, UnionPay International (UPI), AliPay, and Visa cards.
What is a chargeback?
A chargeback occurs when a cardholder disputes a transaction that was processed via your merchant facility. This usually happens when a cardholder believes the transaction was processed incorrectly, was not authorised by them, or goods/services were not received, or as described.
The cardholder raises a dispute with their card issuer, through the schemes (Visa, Mastercard, etc). who in turn raises this with Tyro if the chargeback meets chargeback lodgement requirements.
Please note that the chargeback rules and process is not governed by Tyro or any other Australian Bank, but rather by the schemes (Visa, Mastercard, etc.). The rules regarding the use of credit cards, the payments they are used for, and the subsequent chargeback process are also mandated by them, including MOTO transactions. The final ruling is made by the respective scheme and cannot be reversed.
Common reasons for chargebacks
- A cardholder’s card number was stolen and used fraudulently/without their consent
- A cardholder believes that goods/services were not provided in part or in full, or were defective/damaged, or were not as described
- A cardholder believes they were charged more than once for the same purchase
- A cardholder believes they were unable to obtain a refund or replacement or credit for returned goods
How will I be notified when receiving a chargeback?
Tyro will communicate with you via email to notify you of a chargeback raised against your EFTPOS machine.
It’s important that you inform Tyro immediately when you change your contact details. If your contact details are not up-to-date when a chargeback is received, Tyro may not be able to contact you in the required timeframe and you may lose the opportunity to defend the chargeback.
Chargeback cases are bound by very strict timeframes, and as such, failure to provide sufficient information will close the case in favour of the cardholder. In this event, your account will be debited for the amount of the chargeback.
What do I need to do if I want to accept a chargeback?
If you would like to accept a chargeback, Tyro will debit the nominated account for the chargeback amount and the account will be reimbursed. No further actions will be required from your end.
How do I dispute a chargeback?
If you would like to dispute a chargeback, you must respond to Tyro in the timeframe prescribed in our chargeback notification email and provide Tyro with details of the transaction, correspondence with the cardholder, as well as strong compelling evidence that refutes the cardholder’s claim.
Tyro will take steps to defend a chargeback raised against you where it is allowable under chargeback rules. Tyro must comply with prescribed timeframes and transaction processing requirements, and may only submit acceptable documentation.
What documents should I provide to dispute a chargeback?
The documentation required depends on the nature of the chargeback and Tyro’s chargeback notification email will outline this.
Examples of valid documentation include:
- Signed proof of delivery;
- Communication with the cardholder;
- Signed contracts;
- Signed Terms & Conditions (that were appropriately disclosed to the cardholder)
- Photo ID of the cardholder cannot be used in the CB scenario, it is good for Police/Fraud investigation though.
- Tax invoice with item description, cardholder’s name and billing address.
How much time do I have to dispute a chargeback?
You will have 7 days to respond to Tyro once you have received your chargeback notification email and to provide the relevant information and documentation outlined in the email.
When will I know if my chargeback defence was successful?
The card issuer generally has between 30-45 calendar to dispute the acquirer’s defence of a chargeback. Tyro will only contact you in case of an unsuccessful presentment.
What is arbitration?
If acquirers and issuers cannot agree on the outcome of a chargeback, an opportunity may exist to ask the applicable card scheme to arbitrate on the case to determine who wears the financial liability. Fees are levied by the card schemes when arbitration cases are raised and this dispute resolution option is generally only pursued in material dispute scenarios involving high value/high stakes or complex cases. Arbitration is not a good option when the associated fees outweigh the chargeback value at risk.
Best practices and tips for avoiding chargebacks
All transaction types:
- Authorisation process – Understand that the transaction authorisation process only confirms that the card used in the payment transaction has not been blocked by the card issuer and has sufficient funds to cover the transaction value. Even though an authorisation may return an “approval”, it does not mean that the card is being used by the genuine cardholder, and this is a particularly important consideration when processing Mail Order/Telephone Order (MOTO) transactions and eCommerce transactions. In the event of a chargeback, it is your responsibility to prove the actual cardholder (and not a fraudster in possession of the card details) initiated and completed the transaction, meaning that the chargeback risk of these transactions resides with you, not Tyro or the cardholder.
- Providing refunds – When providing refunds, only refund to the card used in the corresponding payment transaction and never provide a refund for more than the value of the corresponding sale. If you process a payment on a card and then refund to a different card or by another payment method such as a bank transfer, the different card or other payment destination has immediate access to the funds and a chargeback may be received against the card used in the corresponding payment transaction, leaving you out of pocket.
- Never process payments for others – If you process payments on behalf of a third party, you wear the liability for those transactions. This might include chargebacks and financial penalties that result from fraud, non-delivery of goods/services, or compliance breaches relating to the sale of illegal goods or engagement in financial crimes.
- Requests to change the transaction value – Never increase the value of a payment transaction to cover monies owed by a cardholder to an unknown third party (such as a courier service, wedding planner, pick-up truck, florist, caterer, etc.) and never make payments to these third parties via money or bank transfer. Fraudsters use this method, known as Funds Transfer Fraud, as a mechanism to extract cash from businesses, generally by placing larger value orders over the phone. This often results in monies being transferred to (say) a courier engaged in the fraudulent activity and a fraud chargeback being received because the card used in the payment transaction was stolen.
- Split payments – Never split payments into smaller amounts using the same card, especially when this is requested by the cardholder, as this may result in chargebacks. As two parts of a bill were paid under the same card in a very short timeframe, the schemes (Visa, MasterCard, etc) may rule in favour of the cardholder. According to the scheme rules when these cases occur, where a bill is split but two parts of a bill will be taken in the same card, the merchant should reverse the first transaction back to the same card, and then process one payment for both amounts.
- Trading name – Ensure that the trading name used by your merchant facility is consistent with the name used by your business on its signage, correspondence, invoices, and website. This will assist in preventing cardholders from raising chargebacks because they are unfamiliar with the name appearing on their card statement.
- Conditions of sale – Make cardholders aware of your conditions of sale, including your refund/return policies, and quickly respond to cardholder queries, complaints, and requests for refunds/exchanges when they are raised. Your ability to defend a chargeback may be strengthened if the cardholder formally accepts your conditions of sale, whether this is by way of a signature, a formal communication such as an email, or a “click-to-accept” when conducting an eCommerce transaction.
- Shipping goods – When shipping goods, it is advisable to request cardholders to sign for deliveries and provide photo ID, however this does not guarantee protection in the event of a chargeback.
- Keep records – Keep transaction records and copies of correspondence with the cardholder for a minimum of eighteen (18) months, as this may be relevant and useful in responding to chargebacks.
Card present transactions:
- Always dip/tap cards – Card-present payments allow for more security and leave you less vulnerable to those who may wish to utilise card details without authorisation. Never process a MOTO transaction when the carhdolder is present, as this greatly increases the risk of chargebacks.
- Maintain control of the EFTPOS machine – When you dip the card and ask the cardholder to key their PIN, maintain focus on your merchant EFTPOS machine at all times and never allow the cardholder to operate the EFTPOS machine when unattended. This will prevent the cardholder from cancelling the authenticated chip transaction, engaging the MOTO functionality on the EFTPOS machine if this is turned on, and processing a card not present MOTO transaction that leaves you vulnerable to fraud chargebacks. When unattended, specifically out of business hours, ensure your merchant EFTPOS machine is stored safely to avoid theft and manipulation and check the EFTPOS machine each day for any signs of tampering.
Mail Order Telephone Order (MOTO) transactions:
- Higher risk – Understand that MOTO transactions are riskier than other transactions and are more likely to result in a chargeback as the cardholder is not present when the transaction occurs. In the event of a chargeback, it is your responsibility to prove the actual cardholder (and not a fraudster in possession of the card details) initiated and completed the transaction, meaning that the chargeback risk of these transactions resides with you, not Tyro or the cardholder. Given the heightened risk of MOTO fraud, Tyro may switch this functionality off in its discretion in order to protect its merchants.
- Risk appetite for loss – MOTO transactions should only be processed when the value of the transaction sits within your risk appetite for loss. It is often said that if a purchase (or sequence of purchases) seems too good to be true, then it probably is and caution should be taken before shipping goods or providing services. Make every effort to know the identity of the cardholder and verify this information where possible.
- Higher risk transactions – Fraud can occur in many different ways and there is no silver bullet when it comes to preventing fraud chargebacks. That said, you should apply caution when processing:
-
- Unusually high-value orders
- Multiple transactions on the same card to different shipping addresses, or the use of multiple cards with the same shipping address
- Multiple different cards originating from the same email address or IP address
- Multiple transactions on the same card in a short time period, especially for large value items
- Orders with different billing and shipping addresses, especially for large value items
- Bulk orders, especially for high-value goods or infrequently purchased high-quality items
- Orders with unusual addresses or addresses that can’t be verified
- Orders requiring expedited shipping, particularly for large value items or duplicate items
- Orders from higher risk jurisdictions, especially where the goods being sold are commonly available in that jurisdiction
- Refunds when the cardholder requests the refund to a different card or cards
- Always ensure you grab the contact details (name, surname, email and phone number) of anyone wishing to make a purchase over the phone or online
- Ask for the name of the issuing Bank on the card (whilst this is not something you need; it may help to catch out potential fraudsters who don’t have the card with them)
- Email purchase confirmation together with T’s & C’s/return or refund policy to all purchasers and ask for an acknowledgement email that they have received and agree (if applicable)
- In case of collection, inform the person making the purchase that they will need to bring the original credit card and their ID (which will be verified) in order to collect the goods/redeem the service. In case of delivery, do not release the goods until the credit card used for the purchase and ID have been verified and cross-referenced to satisfy your risk appetite
- Always verify the card used for the purchase and the ID at the time of receipt of collection of the goods. If the original card is not present or the names don’t match, refund/reverse the transaction back onto the original card and take a card-present transaction. Should the cardholder not have the original card, or a mismatched ID, or be unwilling to make a card-present transaction, you have to assess your risk appetite for this transaction. Please remember you also have the option to ask for an alternative form of payment (such as a Bank Transfer). It is imperative that you do not offer a refund by any other means except back onto the original card, as this may result in a double loss for the business
eCommerce transactions:
- Higher risk – Understand that eCommerce transactions are riskier than other transactions and are more likely to result in a chargeback as the cardholder is not present when the transaction occurs. In the event of a chargeback, it is your responsibility to prove the actual cardholder (and not a fraudster in possession of the card details) initiated and completed the transaction, meaning that the chargeback risk of these transactions resides with you, not Tyro or the cardholder.
- Risk appetite for loss – eCommerce transactions should only be processed when the value of the transaction sits within your risk appetite for loss. It is often said that if a purchase (or sequence of purchases) seems too good to be true, then it probably is and caution should be taken before shipping goods or providing services. Make every effort to know the identity of the cardholder and verify this information where possible.
- Understand transaction types – there are two main types of eCommerce transactions and this is important in the context of fraud:
- Cardholder initiated transactions – where the cardholder enters their card details via a shopping cart or hosted payments page in a browser or an application on a smart device.” to ” where the cardholder has active participation in the transaction; such as entering their card details via a webpage in a browser, or an application on a smart device. From October 2020, to help reduce fraud and fraud chargebacks, a merchant feature that generally makes the issuer responsible for chargeback liability on cardholder initiated fraudulent transactions by authenticating the cardholder on eligible transactions before the they are processed. EMV 3DS will be available to onboarding merchants and progressively made available to existing merchants. EMV 3DS authentication does not guarantee chargeback rights against fraud chargebacks and should not replace a merchant’s risk management processes. Merchants should always consider cancelling and refunding online orders that are suspicious.
- Merchant initiated transactions – where the business enters card details via a Virtual Terminal (i.e. Mail Order Telephone Order transactions) or recurring billing facility (i.e. Subscriptions). Unlike cardholder initiated transactions noted above, EMV 3DS authentication is not available for these transactions.
- Higher risk transactions – Fraud can occur in many different ways and there is no silver bullet when it comes to preventing fraud chargebacks. That said, you should apply caution when processing:
- Unusually high-value orders;
- Multiple transactions on the same card to different shipping addresses, or the use of multiple cards with the same shipping address;
- Multiple different cards originating from the same email address or IP address;
- Multiple transactions on the same card in a short time period, especially for large value items;
- Orders with different billing and shipping addresses, especially for large value items;
- Bulk orders, especially for high-value goods or infrequently purchased high-quality items;
- Orders with unusual addresses or addresses that can’t be verified;
- Orders requiring expedited shipping, particularly for large value items or duplicate items;
- Orders from higher risk jurisdictions, especially where the goods being sold are commonly available in that jurisdiction;
- Refunds when the cardholder requests the refund to a different card or cards.
- Click & Collect – Care should be taken when processing Click & Collect transactions, where cardholders pay online and collect in store, specifically where this involves the sale of alcohol or high-value goods. You should have procedures in place to validate the identity of the cardholder, confirm the age of the individual collecting the goods when there are applicable age restrictions, and sight the physical card to confirm it is valid and the card name matches the identification provided by the cardholder.
- Website requirements – Follow Tyro’s Website Requirements for eCommerce transactions, which are designed to assist you in meeting card scheme requirements and provide greater protection against chargebacks when processing eCommerce transactions. These requirements will be communicated to you at the time of onboarding and may include specific requirements for some business types.
*Mastercard is a registered trademark, and the circles design is a trademark of Mastercard International Incorporated.