TC40 and SAFE Fraud Monitoring

TC 40 and SAFE FAQ: Fraud Monitoring with TC40 and SAFE Chargeback Prevention FAQ: What is a chargeback? How do I prevent them? Chargeback Services TIPS: How to choose Chargeback Services & Management Chargeback Process FAQ: What is the Chargeback Process? Chargeback Representment FAQ: What is Chargeback Representment? Bank of America Chargebacks Bank of America Chargebacks Visa Chargebacks FAQ: 2020 Visa Chargeback Guide

Table of Contents

  1. What is TC40 data?
  2. What is Mastercard's SAFE?
  3. How do TC40 and SAFE work?
  4. How does TC40 data help prevent chargebacks?
  5. Can merchants view TC40 data?
  6. What requirements do TC40 and SAFE impose on banks?
  7. How do TC40 and SAFE reports impact merchants?
  8. What is a TC40 or SAFE report?
  9. Do all TC40 reports result in chargebacks?

Visa and Mastercard are  the two largest credit card networks, and as such, they have a vested interest in monitoring and preventing credit card fraud. Among the tools they use to assist in this process are TC40 (for Visa) and SAFE (for Mastercard).

Despite how they may sound, these aren’t droids from the latest Star Wars movie. They’re part of Visa and Mastercard’s credit card fraud monitoring programs, and while many merchants haven’t had to deal with TC40 and SAFE data firsthand, they're often generating a lot of it without even knowing it.

Knowing how and why this data is generated and collected can give you insights into how fraudsters might be targeting your business. In this FAQ, we’ll try to answer the most pressing questions merchants have about TC40 and SAFE, including the most important one: Can they help you avoid chargebacks?

What is TC40 data?

TC40 data is a Visa record containing information regarding cardholder fraud claims. While it does not prevent chargebacks or fraud directly, merchants may be able to glean valuable insights from these reports.

What is Mastercard's SAFE?

SAFE or System to Avoid Fraud Effectively is a Mastercard initiative (similar to Visa's TC40) documenting cardholder fraud claims and relevant data points. It does not prevent chargebacks or fraud, but can provide greater information to merchants about fraud claims.

How do TC40 and SAFE work?

Whenever an issuing bank receives information that a transaction might have been carried out without the cardholder’s knowledge or authorization, they submit details of that transaction to the card network through the appropriate reporting system.

TC40 is the name of the report that issuing banks send to Visa to report fraudulent transactions as part of its Risk Identification Service, and SAFE (System to Avoid Fraud Effectively) is Mastercard’s analogous fraud monitoring program.

Information included in these reports can include:

  • Merchant information, including name, location, MCC, etc.
  • Bank information for both parties involved in the transaction.
  • Transaction details, including location, time, etc.

Usually, the way an issuing bank finds out that a transaction may have been fraudulent is that the cardholder contacts them to dispute it.

It is therefore highly likely that all fraud-related chargebacks generate TC40 or SAFE reports, but not every possible instance of fraud that gets reported to the card networks will become a chargeback.

Some banks will simply reimburse cardholders out of their own funds for low dollar amount disputes simply because it’s cheaper than activating the entire chargeback process.

How does TC40 data help prevent chargebacks?

Issuing banks use TC40 data to determine the risk a merchant poses in terms of fraud and chargebacks. Since there is a direct relationship between fraud and the number of chargebacks, it follows that any data that helps determine fraud issues can help with chargebacks.

This data can give merchants insight they might not otherwise have into fraud claims, especially those with a low transaction value. In particular, a merchant being targeted for card testing might not even realize it without looking at this data, since that kind of fraud involves low-value transactions that will usually be refunded by the cardholder's bank directly.

fraud Prevention- Proven Strategies to prevent e-commerce fraud Data about fraudulent transactions that didn't result in chargebacks can also be fed into fraud prevention tools that analyze transaction data using machine learning to better detect potentially illegitimate purchase attempts.

However, it's important to note that there are limitations to the usefulness of these reports. They aren't a good indicator of rates of true fraud chargebacks, since not all fraud claims result in chargebacks. They also can't be used to give a merchant early warning of a potential chargeback, since they often aren't released until long after the claim is made.

If you want to be proactive about responding to disputes, chargeback prevention alerts are the better option, since they’re specifically designed to facilitate this approach. For merchants, the primary value of TC40 and SAFE data is in what you can learn about your specific fraud vulnerabilities.

Can merchants view TC40 data?

Merchants can ask their acquiring bank to share their TC40 data, but banks aren't required to fulfill such a request, and may decline to do so. Merchants typically aren't notified when a TC40 report has been generated.

What requirements do TC40 and SAFE impose on banks?

As part of their overall fraud monitoring strategy, Visa and Mastercard require that issuing banks provide them with data about fraudulent transactions. This information is used to assess the patterns of fraud activity and improve fraud prevention efforts. Reports and findings are shared with both issuers and acquiring banks.

Banks are not required to notify merchants when one of their transactions is included in a TC40 or SAFE report. At their own discretion, acquiring banks may provide their merchants with TC40 and SAFE data upon request.

While many issuers may choose to submit these reports on a frequent and timely basis, there can be considerable lag time between the initial dispute and the reporting. Mastercard specifically is fairly generous with the time frame it gives issuers to report, which means that by the time SAFE data is available you might be looking at fraud activity that’s two months old.

How do TC40 and SAFE reports impact merchants?

New call-to-actionThe data used in TC40 and SAFE reporting is used to determine which merchants have sufficiently high levels of fraud that they qualify for interventions such as the Visa Fraud Monitoring Program. The metrics Visa looks at to calculate high or excessive fraud activity (the total monthly value of fraudulent transactions and the monthly ratio of fraud dollars to sales dollars) are derived from TC40 reports, not from chargebacks.

In the future, these reports may be more accessible and more useful to merchants. Companies like Ethoca and Verifi are working to find ways to leverage the information in these reports to help merchants avoid chargebacks and fight fraud more effectively.

In the meantime, the best thing merchants can do with TC40 and SAFE reports is analyze them to figure out how to improve their overall risk management strategies with respect to fraud and chargebacks. Because these reports can be challenging to obtain, and you have no assurance that you’ll receive them in a timely manner, they aren’t well-suited for troubleshooting active disputes or fraud problems.

You also have to keep in mind that the data is largely informed by cardholders self-reporting fraud on their accounts. There will be inaccurate information that gets captured, and many types of chargebacks, like friendly fraud, will be entirely absent from these reports.

If you’ve never seen your own TC40 or SAFE data, we encourage you to reach out to your acquirer and find out what they’re able to provide.

If you can sift through the data critically and analyze it within an overall framework of matching chargebacks to their root causes and identifying the policies and procedures that can help you avoid similar chargebacks in the future, these reports can inform your plans for fraud and chargeback defense.

FAQ

What is a TC40 or SAFE report?

TC40 and SAFE reports are documents filed by issuing banks when a cardholder claims that a charge on their account is fraudulent. The reports are sent to the card network (Visa and Mastercard, respectively) and the merchant's bank.

Do all TC40 reports result in chargebacks?

No. A TC40 report only indicates that a claim of fraud was made. Some claims are refunded by the merchant before a chargeback occurs, others are refunded by issuing banks when the transaction amount is too low to bother with a chargeback.

Thanks for following the Chargeback Gurus blog. Feel free to submit topic suggestions, questions or requests for advice to: win@chargebackgurus.com

Get the guide, Chargebacks 101: Understanding Chargebacks & Their Root Causes

Similar Posts

Ready to Start Reducing Chargebacks?