EMV Chargeback Reason Codes: The Chip Card Liability Shift Explained

What Is the EMV Liability Shift?

EMV (Europay, Mastercard, Visa) chip cards contain a microprocessor that generates a unique, one-time transaction code for each purchase. This cryptographic authentication makes it extremely difficult to counterfeit chip card transactions — unlike magnetic stripe transactions, where the static card data can be copied and replicated.

Before the liability shift, if a criminal used a counterfeit card at your terminal, you (the merchant) bore the loss from any resulting chargeback. After the liability shift: if you accept a chip card using a chip-capable terminal (EMV terminal) and the transaction is later disputed as counterfeit fraud, the liability shifts to the card issuer. You don't bear the loss.

The shift only applies when both sides use the technology: the card must be a chip card, AND your terminal must be chip-capable and the chip was actually read (not swiped because the chip was damaged or bypassed). If either condition fails — the card is a magnetic stripe card, or your terminal doesn't read chips — the old rules apply and you may bear the loss.

EMV Chargeback Reason Codes

The EMV liability shift has its own specific reason codes that identify chargebacks where the liability allocation depends on chip card usage.

Visa EMV-related codes: Visa reason code 10.2 (EMV Counterfeit) and 10.3 (EMV Never Confirmed) address EMV-specific scenarios. Code 10.2 is used when a counterfeit chip card is used to make a transaction — if your terminal read the chip, the issuer bears the liability. Code 10.3 applies when a chip card transaction was processed as a magnetic stripe transaction despite the card having a chip.

Mastercard EMV codes: Mastercard uses specific codes for fraud on chip card transactions where the fallback to magnetic stripe was used. When a card's chip fails and the transaction is processed via magnetic stripe, the liability allocation depends on whether the fallback was properly handled.

Fallback transactions: when a chip card's chip fails to read and the transaction falls back to magnetic stripe, the liability shift does not apply. The merchant who processed the fallback transaction bears the counterfeit fraud liability. This is why many merchants are instructed to attempt chip reads multiple times before falling back.

When the Liability Shift Protects You

Understanding when the EMV liability shift protects you as a merchant helps you assess your actual risk exposure.

You are protected when: a cardholder uses a chip card at your chip-capable terminal, the terminal reads the chip (not a fallback to magnetic stripe), and the transaction is later disputed as counterfeit or unauthorized.

In this scenario, the chargeback (if filed) would be processed under the EMV reason codes and the liability falls to the card issuer. You don't lose the disputed amount.

You are not protected when: you accept a magnetic stripe transaction (customer's chip card swiped because terminal isn't chip-enabled), you process a fallback transaction where the chip failed to read, you accept a card-not-present transaction (EMV chip liability shift applies only to card-present transactions), or the dispute is for a reason other than counterfeit/unauthorized (like "item not received" or "not as described" — those are unaffected by EMV).

Running chip terminal reports: your payment terminal or POS system logs every transaction and how it was authorized (chip, magnetic stripe, contactless). Reviewing these logs helps you understand what percentage of your transactions use chip vs. magnetic stripe and where your EMV exposure lies.

Contactless and NFC EMV Transactions

Contactless payments — tap-to-pay using a card's NFC chip, or mobile wallets like Apple Pay, Google Pay, and Samsung Pay — are EMV-compliant transactions that carry similar liability shift protections to contact chip transactions.

When a cardholder taps their chip card or uses a mobile wallet at an NFC-enabled terminal, the transaction uses EMV cryptography similar to a contact chip transaction. The counterfeit fraud liability shift applies in the same way.

For merchants who have upgraded to contactless-capable terminals, this protection extends to the growing volume of contactless payments. Given that contactless has become the dominant in-person payment method in many markets, this protection covers an increasingly large share of in-person transactions.

There are nuances for specific mobile wallet transactions — particularly when high-value transactions require PIN validation or additional authentication steps. Understand your terminal's specific handling of high-value contactless transactions to ensure you're meeting any additional requirements.

Protecting Your Business: EMV Best Practices

Maximizing the protection offered by the EMV liability shift requires attention to terminal maintenance and transaction handling practices.

Ensure all your terminals are EMV-certified and chip-capable: this seems obvious, but some merchants still operate older terminals that cannot read chips. Upgrading these terminals eliminates your exposure to counterfeit card fraud chargebacks.

Minimize fallback transactions: when a chip fails to read, your terminal may offer the option to swipe the magnetic stripe. Train staff to attempt the chip read multiple times before falling back — and when fallback does occur, record the specific card information and circumstances. Some issuers monitor merchant fallback rates; high fallback rates can trigger additional scrutiny.

Enable contactless payments: if your terminals support NFC, enable contactless acceptance. Contactless transactions are EMV-compliant and extend your liability shift protection to this growing payment method.

For card-not-present transactions: remember that EMV protection doesn't apply. For your online sales, implement 3D Secure to achieve a similar liability shift for online transactions.

Keep your terminal software updated: EMV specifications evolve, and terminal software updates sometimes address specific liability shift implementation details. Stay current on your terminal provider's software releases.