The History and Evolution of Chargebacks
The history of chargebacks really doesn't go back very far: less than fifty years, in fact. In that short span of time, however, what started as a consumer protection mechanism evolved into a dangerous threat. While chargebacks still work as originally intended, consumers have learned ways to exploit the process…and eCommerce merchants are paying the price.
Where Did the Chargeback System Come From?
Cardholders who feel that a credit card transaction is inaccurate or unfair have the option of filing a chargeback with their bank (the "issuer"). A chargeback basically gives the bank permission to forcibly remove funds from a merchant's account and return the monies to the customer's account.
But where did this system originate? Obviously, the history of chargebacks is irrevocably linked to the history of credit cards themselves. This brief overview outlines how the concept of credit cards developed, when and why chargebacks were added to the mix, and what happened to make the system unworkable.
First Reported Credit Identity Theft
The basic concept behind credit cards--using something of no intrinsic value to represent a financial transaction--is almost as old as commerce itself. By the turn of the 20th century, many merchants were issuing credit coins and/or charge plates to regular customers as a way of extending credit.
Public transportation companies, for example, issued passes that allowed holders to ride on credit, then settle up at the end of the month. In 1899, an enterprising man observed another man tossing his "credit card" in the trash. Retrieving the card, the first man was able to use it for a month, running up a huge tab on the original owner's bill ... creating the first recorded case of credit card ID theft.
Throughout the first half of the century, a number of department stores and gas stations issued their own proprietary cards. Similar to modern-day department store cards, they were accepted only at the issuing merchant, who considered them a way to boost customer loyalty.
A New York banker named John Biggins took the idea one step further by creating the Charg-It card, which allowed credit at multiple local merchants ... but only for customers of Biggins' Franklin National Bank.
Other banks took up Baggins' idea, but there was a significant difference in these cards and modern credit cards: back then, accounts had to be paid in full at the end of each month. The year 1958 saw the debut of BankAmericard, and the first bank card that offered revolving credit at any participating merchant. BankAmericard was the forerunner of what we now know as Visa; MasterCharge--which would become Mastercard--showed up a few years later.
It should be noted that instead of waiting for customers to decide if they were interested, BankAmericard jump-started the process by mailing 60,000 cards to unsuspecting customers. This blind mass-mailing technique was standard practice for the first few years, resulting in a lot of credit cards going to people who normally wouldn't qualify for a credit card. Not surprisingly, trouble followed.
Magnetic Stripes and Truth in Lending
Bank cards had gone global, but they still hadn't gained the widespread acceptance the networks were hoping for. US customers in particular were suspicious of this newfangled payment method. The Federal Reserve Board allayed some of these fears with The Truth in Lending Act of 1968, which requires lenders to conspicuously provide customers with loan cost information. This includes annual percentage rate (APR), term of the loan, and total costs to the borrower.
But rampant credit card fraud was still an issue, driving banks to find a faster, more secure way to process transactions. IBM introduced a technology that allowed cardholders' information to be encoded in on a magnetic stripe attached to the plastic card. A multiple-day time lag for verifications was reduced to a matter of seconds.
Fair Credit Billing Act
Even with new safety technology and regulations in place, people still worried that their card could be lost or stolen--leaving them stuck paying for unauthorized transactions. There were also fears of unscrupulous merchants inflating prices or tacking on transaction fees after the fact. The Fair Credit Billing Act of 1974 attempted to address these issues by creating what we now know as a chargeback.
The chargeback option reassured consumers in two ways: one, it strictly limited their liability in the case of fraud. At the same time, it helped keep merchants honest by giving cardholders the ability to fight back against deceptive practices.
Chargeback fraud is hard to fight. Let us help.
Electronic Fund Transfer Act
The EFT Act provided debit card fraud protection that was similar to that of credit cards, although not as comprehensive. While it does limit liability in the event of fraud, the customer must report the incident immediately. Also, the regulation does not stipulate repayment of any money withdrawn from the customer's account.
Note that the next event on our timeline happens nearly four decades later. During that time, the entire way we shop, work, learn, and communicate was completely upended and revolutionized. The chargeback system, however, remained largely unchanged.
EMV/ Liability Shift/Breaches
Between 2013 and 2015, a mere seven data breaches exposed personal information from over 6 billion consumers--and that doesn't include billions more from other hacks. In many cases, this gave criminals access to information that could be used in counterfeit transactions--particularly in card-not-present situations such as internet purchases. To protect their interests, card schemes began shifting from magnetic stripes to EMV "chip" cards.
The computer chip in EMV cards is more secure, but required merchants to invest in new card readers. As an incentive, the networks began shifting fraud liability to merchants who didn't upgrade. Essentially they were telling merchants "You can still use old equipment, but if a fraudulent transaction goes through, we'll hold you responsible!"
VCR and other updates
Recognizing that the legacy chargeback system wasn't working, Visa rolled out a new dispute process, Visa Claims Resolution (VCR). The new procedure sought to close profit-absorbing loopholes, reduce false claims, and improve the customer experience. For merchants, this theoretically meant fewer chargebacks filed, but less time to respond to the ones that did. Mastercard began implementing its own Dispute Resolution Initiative later that year. A similar but less comprehensive program than VCR, Mastercard's changes will be rolled out in phases through 2020.
The EU General Data Protection Regulation (GDPR) is a regulation designed to protect consumer privacy. It limits the way companies are allowed to use and store customer data. It promises to reduce the amount of personal information available in the event of a data breach, but also limits companies' ability to hold on to said data in the interest of fraud prevention. The full effects of this regulation remain to be seen.
When Chargebacks Work
Even in its current inefficient state, the chargeback system is capable of doing exactly what it was designed to do: protect cardholders from invalid charges. Experts have found that all transaction disputes are caused by one of three things:
Merchant error could be anything from a simple typo to the failure of a processing terminal. Criminal fraud comes primarily through identity theft. In both cases, there is a clear problem that is not the customer's fault--and therefore the cardholder's responsibility for repayment is limited.
With the headlines regularly reporting large-scale data breaches, it would seem that most chargebacks would come from criminal fraud. Statistics show, however, that the average merchant typically loses more revenue to friendly fraud than to merchant errors and criminal fraud combined.
Friendly Fraud: Exploiting a Massive Loophole
Friendly fraud (also called chargeback fraud) is when cardholders intentionally bypass the merchant and ask their bank for a refund directly. In some cases, this can be an honest mistake: the customer may truly believe that calling the bank is the same as getting reimbursed by the store.
But there is also an increasing number of cardholders who know their actions are dishonest, yet call the bank anyway in a form of "cyber-shoplifting." This type of behavior was always possible, but has only become a large-scale threat in the last few years. The main culprit? The proliferation of high-speed internet access, leading to the rise of eCommerce.
Shopping Has Changed. Chargebacks Haven't.
Chargebacks may be a much needed form of consumer protection, but that system was created for a society where credit cards were kept in wallets or purses. Today, however, account information can be stored in the cloud, in your phone, or in multiple online accounts.
The internet has made it easier than ever to purchase items sight-unseen. Card numbers get passed to retailers, merchandise gets shipped to customers, and eCommerce--not even a pipe dream in the 70's--now accounts for nearly 10% of total retail sales in the US.