Friendly Fraud vs True Fraud: How to Tell the Difference (and What to Do)

Industry data consistently shows that approximately 70% of chargebacks are friendly fraud — transactions the cardholder actually authorised, disputed after the fact. The remaining 30% are true third-party fraud: stolen card details, account takeover, synthetic identity. Most merchants treat all chargebacks the same way. This is expensive. True fraud and friendly fraud require different evidence, different responses, and different prevention strategies. Getting the classification wrong means either fighting a dispute you can't win (true fraud without 3DS) or accepting one you should have contested (friendly fraud with delivery proof). This guide explains how to tell the difference, why it matters, and what to do in each case.

What Is True (Third-Party) Fraud?

True fraud is when the transaction was made without the legitimate cardholder's involvement at all. Someone else — a fraudster — obtained the card details through data theft, phishing, skimming, account takeover, or purchasing credentials on the dark web. The cardholder never made the purchase and has no knowledge of it. When they notice the unfamiliar charge on their statement, they contact their bank and file a dispute. The dispute is genuine: the cardholder really didn't authorise the transaction. From the card scheme's perspective, this falls under Visa 10.4 and its equivalents across other networks — the “card-absent fraud” category that covers the vast majority of unauthorised transaction disputes.

Key signals of true fraud are concentrated at the order level. A new account with no prior order history, a high-value first order, a mismatch between the billing country and the shipping destination, rush shipping selected to extract goods quickly before the card is blocked — these patterns indicate someone using stolen credentials. Add a proxy or VPN IP address, delivery to a freight forwarder, or multiple declined payment attempts followed by a success using a different card, and the picture becomes clearer. No single signal is conclusive, but clusters of these patterns should trigger additional scrutiny before fulfilment. Once you've shipped, the options narrow considerably.

What Is Friendly Fraud?

Friendly fraud is a misnomer — there's nothing friendly about it. It occurs when a customer disputes a transaction they authorised. The cardholder made the purchase but filed a dispute claiming otherwise: that the item never arrived, that they didn't authorise the charge, or that the product wasn't as described. The transaction was legitimate. The dispute is not.

There are three distinct types. The first is deliberate abuse: the customer intentionally disputes a legitimate purchase to get a free item or service, knowing the bank dispute process systematically favours cardholders and that many merchants won't fight back. The second is genuine confusion: the customer doesn't recognise the billing descriptor (a common problem when your trading name differs from your payment processor entity), forgot about the subscription, or doesn't realise a family member used their card. This type isn't malicious, but the outcome for your business is identical. The third is buyer's remorse: the customer received the item, decided they don't want it, and uses the dispute process to get a refund after your return window closed or after they couldn't be bothered to arrange a return.

Why is it increasing? The dispute process has become more accessible. Most banks now allow customers to dispute a charge through their mobile app in under 60 seconds — no phone call, no waiting on hold, no explanation required beyond selecting a reason from a dropdown menu. The friction has dropped to almost nothing. Meanwhile, merchant win rates in disputes haven't improved correspondingly, because gathering and submitting quality evidence is still a manual, time-consuming process. That asymmetry — easy to dispute, hard to defend — is what makes friendly fraud the dominant chargeback problem in 2026.

How to Tell the Difference — 8 Signals

No single data point definitively classifies a dispute, but the following signals, taken together, allow you to make a confident probability assessment. Run through these for every dispute before you decide whether to fight or accept, and before you decide which evidence to lead with in your rebuttal.

1. 1

   Order history. If the disputing “cardholder” has made previous undisputed purchases with you, the probability of true fraud drops significantly. Fraudsters don't build a purchase history before using stolen credentials — they transact once and disappear. Friendly fraud, by contrast, is far more common from established customers who know your product and your process. A first purchase that immediately results in a dispute skews toward true fraud. A customer with six previous orders suddenly disputing their seventh is almost certainly not a fraud victim.

2. 2

   Device and IP consistency with past orders. True fraud typically involves a new device, a new IP address, and often a different geographic location from any prior account activity. Friendly fraud usually comes from the same device and IP as prior legitimate orders — because the customer actually placed the order from their own device. If your platform collects device fingerprints (and it should), cross-referencing the disputed transaction against prior sessions is one of the most reliable classification signals available. This is also the foundation of Compelling Evidence 3.0 for Visa disputes.

3. 3

   Delivery confirmation status. True fraud orders sometimes fail delivery — fraudsters use drop addresses that get flagged by carriers, or the address provided doesn't match what the courier can locate. Friendly fraud almost always results in confirmed, successful delivery, because the customer ordered to their own address and received the goods before deciding to dispute. If your carrier record shows a confirmed delivery signature at the billing address, and the dispute claim is “item not received,” you are almost certainly dealing with friendly fraud.

4. 4

   Timing since purchase. True fraud disputes tend to arrive quickly — within days of the transaction, once the real cardholder notices an unfamiliar charge on their statement or receives a bank alert. Friendly fraud disputes often arrive later: after a return window has closed, after a subscription cycle renews, after the customer has had and used the product for weeks. A dispute filed 45 days after a purchase to a known address is almost never true fraud — the real cardholder would have noticed and disputed far sooner.

5. 5

   Customer service contact before the dispute. True fraud victims rarely contact the merchant before disputing — they didn't make the purchase, have no relationship with you, and go directly to their bank. Friendly fraud customers, on the other hand, often contacted your support team first: asking about returns, complaining about a product, requesting a refund that was declined, or querying a charge. If you have a customer service record showing the disputing customer asked for a refund and was told no within the week before the dispute arrived, that sequence tells you exactly what happened.

6. 6

   Billing descriptor recognition. If your billing descriptor is clear, consistently formatted, and recognisable as your brand name, then “I don't recognise this charge” disputes are almost certainly friendly fraud — either deliberate misuse or genuine confusion from a family member or forgotten subscription. True fraud occurs because someone else used the card, not because the descriptor was confusing. If, however, your descriptor is cryptic or uses a parent company name your customers have never seen, genuine confusion disputes are plausible — and fixable, by changing the descriptor.

7. 7

   Timing relative to return policy expiry. A dispute filed within days of a return or refund window closing is a very strong indicator of friendly fraud. The customer waited until they couldn't return the item through your process, then escalated to the bank dispute channel instead. This is particularly common for “no questions asked” return policies with hard cutoffs — customers who miss the window by a few days are disproportionately likely to dispute. Tracking the gap between dispute date and return window expiry across your dispute history often reveals this pattern clearly.

8. 8

   Product type. Digital goods have substantially higher friendly fraud rates than physical goods. Once a digital product — software, an online course, an ebook, a subscription service — has been consumed or accessed, there is nothing to return. Physical goods can be sent back; the dispute process is the digital equivalent. Merchants selling digital products should expect higher friendly fraud rates as a baseline and build their evidence collection accordingly: access logs, download records, login history, and usage data become the primary evidence rather than delivery confirmations.

Why the Classification Matters for Your Response Strategy

The evidence that wins a true fraud dispute is almost entirely different from the evidence that wins a friendly fraud dispute. Submitting the wrong evidence type — even strong evidence — signals to the dispute reviewer that you haven't understood the claim and weakens your overall position.

Using a true fraud response strategy on a friendly fraud case — or vice versa — is a common, costly mistake. Submitting 3DS records for a delivery dispute, or submitting delivery records for a no-authorisation fraud dispute where you have no authentication data, signals to the reviewer that you don't understand the dispute type. A well-structured rebuttal that acknowledges the specific claim and provides targeted evidence in response consistently outperforms a generic evidence dump. The chargeback reason codes themselves tell you which evidence category the scheme considers relevant for each dispute type — use them as a guide to what the reviewer expects to see.

How to Reduce True Fraud

True fraud is largely preventable at the order stage. Once goods are shipped to a fraudster, the chargeback is very likely and very hard to win without strong authentication data. Prevention is worth considerably more than a well-written rebuttal.

1. 1

   Implement 3DS authentication. This is the single most impactful step. When a transaction is authenticated via 3DS and fraud still occurs, liability shifts from you to the card issuer. You lose the goods but not the dispute — the bank absorbs the loss. 3DS2 has significantly reduced false declines compared to the original version, making it viable for most merchant types.

2. 2

   Use fraud detection tooling. Stripe Radar, Shopify's built-in Fraud Analysis, and third-party tools like Signifyd or NoFraud score each order against risk signals before fulfilment. These tools catch patterns that manual review misses at scale — device reputation, email age, velocity across merchants, and card-to-shipping address mismatch patterns.

3. 3

   Decline simultaneous CVV and AVS mismatches. A CVV mismatch alone is not always fraud — occasional data entry errors occur. But a CVV mismatch combined with an AVS mismatch (billing address doesn't match the card issuer's records) on the same transaction is a strong signal of stolen credentials. Set your fraud rules to decline this combination automatically.

4. 4

   Manual review for high-value first orders. For high-value purchases from brand-new accounts with no prior history, a brief manual review before fulfilment is cost-effective. The cost of a five-minute review is trivial compared to the cost of a lost chargeback on a £400 order. This doesn't need to be elaborate — a quick check of the order signals against your risk criteria before releasing to the warehouse.

How to Reduce Friendly Fraud

Friendly fraud reduction is primarily about closing the gaps that make disputes easy — a confusing billing descriptor, no delivery record, no customer contact before the dispute. Each gap you close either prevents the dispute from being filed or provides the evidence to win it when it is.

1. 1

   Fix your billing descriptor. Most “I don't recognise this charge” disputes disappear immediately when the descriptor clearly shows your trading name. If customers regularly dispute charges because your descriptor reads as a parent company name, a payment processor entity, or a meaningless code, that is a straightforward operational fix with an outsized impact on dispute volume. Include a recognisable name and, if your processor allows it, a short URL or phone number.

2. 2

   Send detailed order confirmation emails. A confirmation email that describes exactly what was purchased, the price, how it will appear on the bank statement, and what the returns process is — with a clear contact option — gives customers a reference point before they ever think about disputing. It also creates a timestamped record showing the customer received information about the transaction at the time of purchase.

3. 3

   Collect CE 3.0 data for every transaction. Device fingerprints, IP addresses, and email addresses collected at checkout are the raw material for Compelling Evidence 3.0 submissions on Visa. If you can demonstrate that the same device and IP placed two or more prior undisputed transactions with the same cardholder, you can shift liability on the current dispute — even without 3DS. This is your primary weapon against repeat friendly fraud customers on Visa, and collecting the data costs nothing if you build it into your checkout from the start.

4. 4

   Proactive customer service. Catching unhappy customers before they reach for the dispute button is the most effective friendly fraud prevention there is. Automated post-purchase check-ins, an accessible and responsive refund process, and a support team with the authority to issue refunds on borderline cases all reduce the population of customers who turn to their bank as a last resort. A refund costs you the margin on one transaction. A dispute costs you the transaction, the fee, and the time — plus the chargeback ratio damage.

What to Do When You Can't Tell

Some disputes genuinely resist classification. The signals are mixed: a customer with one prior order, a delivery to a different address than billing, a dispute filed three weeks after purchase. When you can't classify with confidence, build your response for both scenarios. Gather your delivery confirmation — in case it's friendly fraud — and your authentication and verification records — in case it's true fraud. Present whichever set is stronger as your primary argument, with the other as supporting context. A response that covers both angles, without internally contradicting itself, is stronger than a response that commits to the wrong classification.

Use your transaction data to make a probability assessment. A new account, high transaction value, new device fingerprint, and a shipping address that mismatches billing points toward true fraud — and probably an unwinnable dispute without 3DS data. An established customer account, delivery confirmed to the billing address, the same device as prior orders, and a dispute filed after a return window expired points unmistakably toward friendly fraud, with a good chance of winning on delivery proof alone. When genuinely uncertain about whether to fight or accept, apply a cost-benefit calculation: dispute fee plus time cost versus the probability of winning multiplied by the transaction value. If the expected recovery is lower than the cost of the fight, accepting is the rational decision — and preserving your time for disputes you can win.

Conclusion

Most merchants who consistently win chargebacks do so not because they have better legal arguments, but because they have better data. They log device fingerprints. They have 3DS authentication enabled. They keep delivery records. They send confirmation emails the customer actually opens. The classification of true versus friendly fraud determines which subset of that data matters for any given dispute — and getting the classification right before you write your rebuttal is the difference between submitting targeted, compelling evidence and submitting a folder of documents that don't address the actual claim.