You want to do right by your customers. This is especially true when a dispute arises, and you find yourself at odds with a buyer. You both have set rules to follow here. So, it helps to know what the rules are before getting started.
When customers are the victims of payment fraud or deceptive merchant practices, they have the right to file a chargeback. But where does that right come from? Are there credit card chargeback laws on the books guaranteeing consumer protections against fraud
As a matter of fact, there are.
Chargeback laws date back almost five decades. At that time, credit cards were still a new innovation. Of course, a lot’s changed since the mid-Seventies. So, let’s take a look at the laws governing the chargeback process, and see how they’ve held up over the decades.
1968
This law was originally enacted as Title I of the Consumer Credit Protection Act. The original purpose of TILA was to promote the informed use of consumer credit. For example, the act allows consumers to cancel some credit transactions involving a lien on the person’s primary home.
In 1970, legislators expanded the law, prohibiting issuers from sending unsolicited credit cards to consumers. Several other amendments and updates to the act, such as those contained in the 2010 Dodd-Frank Act, passed into law in successive decades.
1974
Six years after the original legislation passed, the FCBA came about as an update to TILA. This ruleset helped clarify details of the original legislation–specifically how they pertain to the following:
1978
The Electronic Fund Transfer Act (EFTA, sometimes referred to as Regulation E) is a federal mandate aimed at financial institutions requiring banks to provide certain information to customers regarding electronic fund transfers (EFTs). It also regulates how banks respond to consumer complaints and limits liability for lost or stolen debit cards.
The EFTA was first enacted in 1978. It was adopted as a direct response to the increased use of Automated Teller Machines (ATMs). The mandate requires transparency from financial institutions concerning electronic transfers. It also limits consumer liability for unauthorized transactions.
The Act also governs how financial institutions assign liability if a customer’s card is lost or stolen. For merchants, this may be the essential aspect of the mandate.
1984
The Computer Fraud and Abuse Act (CFAA) of 1984 is a United States federal law that primarily addresses the unauthorized access and use of computers and related systems. The law aimed at protecting sensitive information, and setting penalties for unauthorized access.
The CFAA is the primary federal legislation protecting digital data against unauthorized breaches in the United States. It applies to any computer with an internet connection, plus standalone computers used by federal entities and financial institutions, and is aimed at preventing unauthorized access and protecting sensitive information.2009
Signed into law in May 2009, the Credit Card Accountability Responsibility and Disclosure (CARD) Act — also known as the Credit CARD Act or the Credit Cardholders' Bill of Rights — aimed to “...establish fair and transparent practices relating to the extension of credit under an open end consumer credit plan…”
Specifically, the law established protections for consumer borrowers and imposed fee caps on credit card issuers. The law also placed restrictions on interest rate hikes, reformed unfair billing practices, and limited the extent to which issuers could market credit cards to young adults. In this way, the law fundamentally changed the average cardholder's relationship to credit card use.
State and federal legislation aren’t the only texts that govern chargebacks. Payment networks also have published rules that offer guidance on managing chargebacks.
Visa’s 63-page Dispute Management Guidelines for Visa Merchants, for instance, was last updated in June 2024 as of this writing. It outlines the dispute resolution process for a transaction processed through the company’s network.
The Mastercard Chargeback Guide Merchant Edition, most recently updated in May 2025 (as of this writing), is even longer. Within the 422-page document are procedures for responding to arbitration and compliance chargebacks, as well as information on chargeback reason codes.
The Fair Credit Billing Act of 1974, or FCBA, is a federal law designed to protect consumers from unfair credit billing practices and build consumer confidence in then-new forms of credit in the process. The act serves as the legal basis for the chargeback process.
Six years after the original legislation passed, the FCBA came about as an update to TILA. This ruleset helped clarify details of the original legislation; specifically, how the law pertains to practices tied to credit cards, how to provide a means to dispute credit billing, and how to disclose maximum interest rates in a variable-rate credit contract.
Read MoreThe Fair Credit Billing Act of 1974, or FCBA, is a federal law designed to protect consumers from unfair credit billing practices and build consumer confidence in then-new forms of credit in the process. The act serves as the legal basis for the chargeback process.
Six years after the original legislation passed, the FCBA came about as an update to TILA. This ruleset helped clarify details of the original legislation; specifically, how the law pertains to practices tied to credit cards, how to provide a means to dispute credit billing, and how to disclose maximum interest rates in a variable-rate credit contract.
Read MoreThe Electronic Fund Transfer Act (EFTA, sometimes referred to as Regulation E) is a federal mandate aimed at financial institutions requiring banks to provide certain information to customers regarding electronic fund transfers (EFTs). It also regulates how banks respond to consumer complaints and limits liability for lost or stolen debit cards.
The EFTA was first enacted in 1978. It was adopted as a direct response to the increased use of Automated Teller Machines (ATMs). The mandate requires transparency from financial institutions concerning electronic transfers. It also limits consumer liability for unauthorized transactions.
The Act also governs how financial institutions assign liability if a customer’s card is lost or stolen. For merchants, this may be the essential aspect of the mandate.
Read MoreThe Computer Fraud and Abuse Act, or the CFAA, is the federal anti-hacking statute prohibiting unauthorized access to computers and networks. This chapter will explain everything you need to know about the CFAA, including what it is, why it was adopted, how the law is enforced, and how businesses can thrive under the law.
Read MoreSigned into law in May 2009, the Credit Card Accountability Responsibility and Disclosure (CARD) Act — also known as the Credit CARD Act or the Credit Cardholders’ Bill of Rights — aimed to “…establish fair and transparent practices relating to the extension of credit under an open end consumer credit plan…”
Specifically, the law established protections for consumer borrowers and imposed fee caps on credit card issuers. The law also placed restrictions on interest rate hikes, reformed unfair billing practices, and limited the extent to which issuers could market credit cards to young adults. In this way, the law fundamentally changed the average cardholder’s relationship to credit card use.
Read MoreUltimately, the Uniform Commercial Code, or UCC, outlines current chargeback practices.
The UCC aims to standardize the laws governing sales and commercial transactions throughout the US market. This is an important function; the UCC ensures that companies can look to a single, reliable authority for compliance. Otherwise, they’d have to deal with a complicated patchwork of state and territorial laws to conduct interstate commerce. This would be impossible for most businesses to do.
Read More
US laws on chargebacks include The Truth in Lending Act (TILA) of 1968, the The Fair Credit Billing Act (FCBA) of 1974, and The Electronic Funds Transfer Act (EFTA) of 1978. Section 4-214 of the Uniform Commercial Code (UCC) also outlines chargeback rights and practices.
Consumers typically have at least 120 days to initiate a chargeback against merchant billing errors or fraudulent transactions. In certain instances, chargebacks can be initiated up to 540 days subsequent to the transaction date.
Cardholders who use Visa-branded credit or debit cards have, in certain instances where goods are services are not delivered, up to 540 days to file a chargeback. In most cases, however, consumers must file a dispute with their issuing bank within 120 days of the transaction date.
CFAA penalties can range from short-term imprisonment to up to 20 years for repeat offenders or grave infractions.
Yes, computer fraud is a crime. It involves unauthorized access, data theft, or manipulation of digital systems with deceitful intent.
Computer fraud involves the use of computers, networks, or digital devices to conduct phishing attacks, commit identity theft, transfer funds without authorization, or carry out other forms of fraud. Computer fraud is largely governed by the Computer Fraud and Abuse Act (CFAA) of 1986.
No. The FCBA governs the relationship between consumers and issuers. Merchant chargeback liability comes from card network rules and your merchant agreement — not federal law.
Potentially, for fraud or breach of contract. But FCBA doesn’t prevent this; it just limits consumer liability to the issuer.
Card networks have created dispute processes that exceed FCBA minimums. Banks follow network rules, which are more generous to consumers than the law requires.
The FCBA governs billing disputes on credit accounts. The FCRA governs credit reporting and how credit bureaus handle your information.
No. Debit card disputes are governed by the Electronic Fund Transfer Act (EFTA), a separate law with different rules.
No. The chargeback process was created by the Fair Credit Billing Act of 1974, which amended TILA, but was not originally part of the legislation.
