The short answer
Friendly fraud (also called first-party fraud, first-party misuse, or chargeback fraud) is when a legitimate cardholder disputes a transaction they actually authorized. The customer genuinely bought the product, received it, used it — then disputes the charge through their bank. The bank, unable to verify without merchant-provided evidence, usually sides with the cardholder.
Industry estimates: 60-80% of all e-commerce chargebacks are friendly fraud, not third-party fraud. It's the single biggest quiet loss across most merchants — and it's why Visa and Mastercard introduced specific rules (Visa CE 3.0, Mastercard First-Party Trust) to let merchants fight back.
Why customers do it
- "I don't recognize this charge" — the most common reason. Customer sees an unrecognizable merchant name on their statement, calls the bank. Bank files a chargeback. Often preventable with clear billing descriptors.
- "I already cancelled that subscription" — customer cancelled, got one more bill, disputes it. Sometimes a real bug in merchant's cancel flow; sometimes confusion about billing cycles.
- "Return policy is too complex" — customer didn't like the product, tried to return, got frustrated with process, skipped straight to chargeback.
- "Buyer's remorse disguised as fraud" — customer regrets the purchase, prefers the easier chargeback path over an honest refund request.
- "Shared card, unaware charge" — spouse or family member used the card, actual cardholder genuinely doesn't know about the charge, assumes fraud.
- "Product didn't work as expected" — disputing as fraud is faster than getting a refund.
How friendly fraud shows up in reason codes
Friendly fraud is usually coded as one of these:
- Visa 10.4 — Fraud: card absent environment. The most common. Cardholder claims they didn't authorize the charge.
- Mastercard 4837 — No cardholder authorization.
- Visa 13.1 — Merchandise/services not received.
- Mastercard 4855 — Goods or services not provided.
- Visa 13.3 — Not as described or defective merchandise.
The fightback: Visa CE 3.0 (April 2023)
Visa's Compelling Evidence 3.0 changed the game for friendly fraud disputes. For reason code 10.4 claims, a merchant can submit evidence of:
- Two prior undisputed transactions from the same cardholder (same card, same merchant, 120+ days old)
- Matching IP address, device ID, shipping address, or account login
- No prior chargebacks on those transactions
If the evidence matches, liability shifts back to the issuer. The merchant wins. See full details in our compelling evidence entry.
Best-in-class operators using Visa CE 3.0 are winning 60-70% of friendly fraud disputes they'd previously lost automatically.
Mastercard First-Party Trust (October 2023)
Mastercard's parallel rule. For MC 4837 claims, merchants submit:
- Prior undisputed relationship history
- Customer login metadata tying the charge to the cardholder's own account
- Delivery confirmation + usage signals
Prevention (worth more than representment)
- Clear descriptors. Number-one cause cut in half with recognizable per-brand descriptors.
- Chargeback alerts (Verifi + Ethoca). Pre-dispute notifications let you refund before it posts to your ratio. Costs $20-$40 per resolved case; usually saves $75+ in chargeback fees + ratio damage.
- Responsive refund flow. Customer who gets refunded in 24 hours doesn't dispute.
- 3DS 2.0 authentication. Authenticated transactions shift liability for fraud claims to the issuer.
- Friction where appropriate. High-value transactions, unusual geographic patterns, repeat-cardholder-at-risk velocity — add friction with step-up auth.
Operational workflow
Don't accept friendly-fraud losses. For every dispute, check the customer's transaction history:
- Did this customer have 2+ prior undisputed transactions at this merchant? → Visa CE 3.0 representment.
- Is there session data tying the charge to the authenticated account? → Mastercard FPT representment.
- Is this a pattern (same customer disputing multiple charges)? → Possible professional chargeback, flag for fraud team.
Why it's especially painful at multi-brand scale
4 brands on 4 processors = 4 different dispute workflows. Friendly fraud on Brand A is tracked in one system; Brand B's is in another. You can't see that the same customer is disputing across all 4 of your brands. multiflow's consolidated dispute queue surfaces cross-brand patterns so you can flag serial disputers.