Help center

/

Disputes

/

Fraud Reason Codes

VISA FRAUD CODES

01. - Reason: Unauthorised payment using a stolen physical card

Description: A fraudulent payment occurs with the use of a stolen card, without the actual, implied, or apparent authority of the cardholder. Recommended Actions:

1. Immediately disable the card in your system.

2. Suspend and investigate the user account.

3. Block any other accounts linked by device, IP, or email.

4. Revoke access to intangible goods or services that have been delivered.

5. Flag associated IPs/devices in your fraud detection systems.

02. - Reason: Not Received as Issued (NRI)

Description: The cardholder claims they never received the card issued by the bank. Recommended Actions:

1. Review card provisioning details and registration timestamp.

2. Audit delivery method if the card was issued digitally (e.g., email/SMS).

3. Block all related accounts tied to the card credentials.

4. Notify the card issuer and request card reissuance verification.

03. - Reason: Fraud with Card Present (POS)

Description: The card was physically present during the transaction, but the cardholder denies authorising it (For hybrid fintech with in-person service points) Recommended Actions:

1. Verify any point-of-sale logs or kiosk check-ins.

2. Review CCTV or device footage if available.

3. Investigate any employee misconduct or device tampering.

3. Block the account and any associated devices.

4. Report to the acquiring bank if the card-present use is unusual for your model.

04. - Reason: Use of Counterfeit or Compromised Card

Description: Transaction used data from a cloned, counterfeit, or compromised card. Recommended Actions:

1. Terminate services for the user involved.

2. Block the user to prevent further payment attempts.

3. Block the reported card.

4. Conduct card BIN review and device behaviour analysis.

5. Flag the account for further card testing attempts.

6. Notify internal fraud teams.

7. Share incident indicators with fraud prevention networks (if applicable).

05. - Reason: Miscellaneous Fraud

Description: This code is applied to fraudulent transactions that don't fall under other specific fraud categories. Recommended Actions:

1. Perform a full account audit (devices, IPs, behaviour).

2. Temporarily suspend delivery of any pending digital goods.

3. Notify internal fraud and risk teams for manual review.

4. Investigate prior transactions and flag similar patterns.

5. Enrich user profiles with third-party fraud scoring (if available).

06. - Reason: Fraudulent Use of Account Number (Card-not-present)

Description: Card information was used in a digital environment (online, app, etc.) without authorization. The card itself was not physically used. Recommended Actions:

1. Block transactions from flagged IPs, devices, and users.

2. Refund reported transactions.

3. Revoke services or subscriptions tied to the transaction.

4. Implement or enhance CVV, AVS, and 3DS requirements.

0. - Reason: Card Reported as Lost

Description: Transaction identified as fraudulent due to the use of a card that the cardholder has reported as lost. Recommended Actions:

1. Immediately block the user and revoke access to services.

2. Disable the card on all linked accounts.

3. Flag the user for manual investigation.

4. Check for multiple accounts using the same card data and suspend them.

5. Update fraud detection models to flag repeated use of deactivated credentials.

B. - Reason: Account or Credentials Takeover

Description: An unauthorised user gains access to the cardholder’s account and makes transactions using stored or tokenised card data. Recommended Actions:

1. Disable/limit the affected account.

2. Initiate a forced logout and reset the session token across all devices; then, request that the user change the password/security questions associated with the account.

3. Review login patterns (e.g., geolocation, browser fingerprints).

4. Require ID re-verification for account reactivation.

5. Notify user of the breach and support recovery procedures.

C. - Reason: Merchant Misrepresentation

Description: The cardholder claims the product or service was not as described or misrepresented by the merchant. Recommended Actions:

1. Review and revise product descriptions and disclaimers.

2. Ensure refund/return policies are clear and accessible.

3. Provide proof of user agreement.

4. Enhance customer support documentation and visibility.

5. Offer proactive resolution options to prevent future disputes.

D. - Reason: Unauthorised Transaction (Card Not Lost or Stolen)

Description: The fraud involves the unauthorised use of account details (e.g., card number, CVV) where the physical card was neither lost nor stolen. Recommended Actions:

1. Block the affected user account immediately.

2. Revoke access to delivered intangible goods or services.

3. Audit session activity: collect IP address, geolocation, device ID, and transaction time.

4. Force reset of credentials (password, 2FA) for the compromised account.

5. Investigate other accounts associated with the same card, IP address, or email, and block them as necessary.

6. Implement or enforce strong customer authentication (e.g., 3D Secure).

7. Update internal fraud detection rules to flag similar behaviours.

MASTERCARD FRAUD CODES:

0. - Reason: Card Reported Lost

Description: The Cardholder had previously reported the card as lost; the transaction occurred afterwards using that card. Recommended Actions:

1. Immediately block the card in the system and suspend the user account.

2. Revoke services or access granted through the transaction.

3. Review and block other accounts using the same card or credentials.

4. Flag the transaction pattern for fraud model updates.

1. - Reason: Stolen Card Used

Description: Fraudulent transaction using a card that was reported stolen, without the cardholder’s authorisation. Recommended Actions:

1. Suspend the associated account and revoke access to digital goods.

2. Identify and block related accounts by device, IP, or card.

3. Log and report fraud indicators to your processor/acquirer.

4. Strengthen transaction controls with 3DS and behavioural analysis.

03. - Reason: Card Not Present (CNP) Fraud

Description: Fraudulent transaction occurred in an e-commerce or digital environment without a physical card present—commonly due to stolen card credentials. Recommended Actions:

1. Review transaction risk data (IP, device fingerprint, geo).

2. Enforce or enhance CVV, 3DS, and velocity checks.

3. Block the user account and any accounts sharing similar identifiers.

4. Flag BINs or transaction sources with high CNP fraud risk.

5. Revoke service access and alert fraud prevention teams.

04. - Reason: Counterfeit Card Fraud

Description: A cloned or illegally duplicated card was used in a transaction, typically in card-present or EMV fallback environments. Recommended Actions:

1. Block the user and revoke delivered services.

2. Check for identical card usage across other accounts and compare customer data with the data you’re working with.

3. Enforce tokenisation, CVV, and 3D Secure for future transactions.

4. Report pattern anomalies to the acquirer or fraud consortiums.

5. - Reason: Account Takeover

Description: A third party has gained unauthorized access to the cardholder’s account (via phishing, malware, credential stuffing, etc.) and used stored card information to make fraudulent transactions. Recommended Actions:

1. Suspend and investigate the compromised account.

2. Force password and 2FA reset on the affected and linked accounts.

3. Audit login history (IP address, device, time) and compare it against the cardholder's known behaviour.

4. Revoke any active subscriptions or services delivered.

5. Block all associated accounts that share credentials, devices, or payment information.

6. Notify the cardholder and guide them through the recovery and re-verification process.

7. Update fraud detection systems with relevant indicators (e.g., IP addresses, device IDs, email addresses).

55. - Reason: CNP Unauthorised Transaction

Description: Card-not-present transaction where the cardholder claims they did not authorise the purchase. Recommended Actions:

1. Block the account and reset authentication credentials.

2. Revoke access to delivered goods.

3. Enable stricter rules for high-risk geographies or BINs.

4. Investigate login/session anomalies for fraud patterns and review previous customer history to make an informed decision about a refund.

56. - Reason: Manipulation of Cardholder

Description: The cardholder was tricked or manipulated into authorising the transaction (e.g., via social engineering, scams, or misleading communications). Recommended Actions:

1. Review transaction logs, communications, and session data.

2. Evaluate whether the service offered could be misleading or unclear.

3. Offer a voluntary refund if applicable and aligned with policy.

4. Escalate to the internal fraud team if signs of external fraud ring exist.

5. Block or flag users linked to suspicious promotional abuse or referral scams.

← Fraud Management Workflow

For Business

For Regulated industries

For Fintech

About

Contact

API

Privacy Policy

Cookie Policy

Legal notice

xpate Singapore

© Copyright xpate 2025. All right reserved.

*Not a bank, just doing all the cool stuff banks do—without the boring branches, confusing fees, or stuffy suits. You're welcome.

*Not a bank, just doing all the cool stuff banks do—without the boring branches, confusing fees, or stuffy suits. You're welcome.

UK: In the United Kingdom, services are provided by xpate Ltd, a company incorporated in England and Wales (registered number: 11920779), with an office at Level 18 40 Bank Street, Canary Wharf, London, England, E14 5NR. xpate is authorised by the Financial Conduct Authority (Reference number: 901021) to issue electronic money (e-money) and provide payment services. EEA: In the European Economic Area, services are provided by xpate SIA, which is incorporated in Latvia (registered number: 40203411426) with an office at Dzirnavu Street 42, Riga LV-1010, Latvia. xpate SIA has an electronic money institution operating licence issued by Latvijas Banka (Licence number 27-55/2023/7) to issue electronic money and provide several payment services.You may contact us via e-mail at wecare@xpate.com.