Stay Ahead of Fraud: Understanding Liability Shift in Card Payments (2024)

Liability Shift

Liability shifts in card payments represent a pivotal change in determining which authority is liable for fraudulent transactions. This shift can occur in various scenarios, such as card-present, card-not-present, and contactless payments. Understanding these shifts is essential for merchants to safeguard their businesses and reduce financial risks. This comprehensive guide will demystify the various types of liability shifts, explore their impact on your business, and reveal how choosing the right payment service provider can shield you from potential risks.

Understanding the Liability Shift

Definition and Context

The liability shift refers to the transfer of responsibility for fraudulent transactions from one party to another. Historically, card issuers, such as banks, bore the brunt of fraud-related costs. However, with advancements in payment security technologies like EMV (Europay, Mastercard, and Visa) chips and 3D Secure, this responsibility can shift to the party that has not implemented the appropriate security measures.

Types of Liability Shifts

1. EMV Liability Shift: Applies to card-present transactions.
   1. Merchant Liability: If the merchant does not use EMV-compliant equipment.
   2. Issuer Liability: If the issuer has not issued an EMV chip card.
2. 3D Secure Liability Shift: Applies to online transactions.
   1. Merchant Liability: If 3D Secure is not used.
   2. Issuer Liability: If 3D Secure is used and authenticated.
3. Contactless Payment Liability Shift: Applies to contactless payments using NFC technology.
   1. Merchant Liability: If the merchant does not use contactless-enabled EMV-compliant terminals.
   2. Issuer Liability: If the issuer does not provide contactless-enabled EMV cards.

Impact of the Liability Shift on Merchants

Pre-Shift vs. Post-Shift

Before the liability shift, card issuers were primarily responsible for fraudulent transactions. Merchants could use older magnetic stripe technology without facing severe repercussions for fraud. Post-shift, the scenario changed dramatically. If a fraudulent transaction occurs and the merchant has not used 3DSecure protocol, the merchant or acquirer is liable for the fraud.

CNP Fraud: Where EMV Liability Falls Short

If your business primarily focuses on in-store sales, adopting EMV chip cards will undoubtedly lower your risk and liability for fraud. The tokenization technology used in EMV chips is challenging for fraudsters to hack or spoof. Even if a fraudster possesses the physical card, it is nearly useless without the PIN code.

However, eCommerce merchants face a different reality. According to the Federal Trade Commission, while EMV adoption significantly reduced in-person fraud, online credit card fraud more than doubled between 2019 and 2020. Globally, fraudsters have shifted their activities online, where there are fewer safeguards in place to prevent fraud.

Multi-Layered Fraud Prevention

To tackle the rising threat of CNP fraud, eCommerce merchants need to implement a multi-layered approach to fraud prevention. Here are some effective strategies:

1. 3D Secure Authentication: Implementing 3D Secure (e.g., Verified by Visa, Mastercard SecureCode) adds an additional layer of security by requiring customers to complete an additional verification step during the checkout process. This can significantly reduce the risk of fraudulent transactions.
2. Fraud Detection Tools: Use advanced fraud detection tools that employ machine learning and artificial intelligence to identify suspicious behavior in real-time. These tools can analyze transaction patterns and flag potentially fraudulent activities for further review.
3. Tokenization: Tokenization replaces sensitive card information with a unique identifier (token) that cannot be used outside the specific transaction. This helps protect card details from being intercepted during online transactions.
4. Address Verification Service (AVS): AVS checks the billing address provided by the customer against the address on file with the card issuer. This can help identify and prevent fraudulent transactions where the billing address does not match. Note that AVS works only in select markets and using it wisely is key to extract the maximum benefits out of this service.
5. Card Verification Value (CVV): Require customers to enter the CVV code from the back of their card during the transaction. For international cards, many issuers approve transactions even if CVV is wrong and hence additional due diligence is required to find if a transaction was a “hard” decline or a “soft” decline and take a decision.
6. Behavioral Analytics: Behavioral analytics monitor and analyze the behavior of users on your site. This can help detect anomalies and potential fraud based on how users interact with the site.

The Role of Payment Service Providers (PSPs)

What PSPs Offer

Not many PSPs today offer a range of integrated fraud and payment processing services designed to enhance payment security and simplify transaction processing. They provide simpler fraud tools such as a rule engine to use velocity checks but forget that it is easy for fraudsters to identify how to work around these rules and carry on to their fraud business.

Select PSPs in the market bundle fraud prevention and payment processing such that merchants and acquiring banks can sleep a peaceful night. These modern age PSPs offer fraud as a core part of their offering as they cater to merchants who accept payments from their global customers and these customers come from.

Fraud Detection and Prevention

Modern PSPs employ sophisticated fraud detection algorithms, machine learning, and real-time monitoring to identify and block suspicious transactions. Tools like device fingerprinting, smart orchestration that decides regional processing attributes, behavioural analytics, smartly using 3D Secure authentication, address verification services (AVS), and card verification value (CVV) checks helps them mitigate risks and protect merchants.

Benefits of Using a Credible PSP

Choosing a reputable PSP brings long-term advantages. Enhanced fraud protection reduces the risk of chargebacks, while excellent customer support ensures smooth operation and quick resolution of issues. Additionally, a credible PSP can help you stay compliant with evolving security standards.

PayGlocal's Fraud Detection Software

PayGlocal offers a state-of-the-art fraud detection solution designed to protect merchants from fraudulent transactions. Our software utilizes advanced algorithms and real-time monitoring to identify suspicious activities, ensuring that your business remains secure and compliant.

In a nutshell…

Understanding the various types of liability shifts is vital for every merchant in the digital age. By adopting EMV technology, implementing 3D Secure for online transactions, and choosing the right PSP, you can protect your business from fraud and enhance your payment security. As the landscape continues to evolve, staying ahead of fraud requires continuous vigilance and the right tools. Consider upgrading your systems and leveraging PayGlocal's advanced fraud detection software to safeguard your business and provide a secure payment experience for your customers.

We will continue to dig deeper into this topic in our next blog in this series with ideas and strategies that merchants and acquiring banks can use to ensure that for ecommerce transactions, they are protected from fraud chargebacks. We will bring deeper concepts such as difference between fraud reporting and fraud chargeback, fraud chargeback reason codes and how to avoid getting caught in the fraud vicious circle.

In the meanwhile, please reach out to our team if you are looking for a robust fraud and risk solution for your ecommerce card acceptance from a global audience.