Network Discover
Code UA02
Category Fraud
Response Window 30 Days
Liability Shift ProtectBuy/3DS
Difficulty High

What Discover UA02 Means

Discover reason code UA02 stands for Fraud – Card Not Present. The cardholder is telling their bank they never made — or never authorized someone else to make — a purchase that didn't require a physical card: an e-commerce order, a phone order, or a mail-order transaction.

Because no card was swiped or dipped, Discover cannot use EMV chip data to verify a legitimate card interaction. That places most of the fraud risk on the merchant unless the merchant can prove authorization through other means — most importantly, a successful 3D Secure authentication via Discover's ProtectBuy program.

UA02 is one of the most common Discover dispute codes for online merchants, and one of the most difficult to win without proactive authentication tools in place.

Equivalent Codes on Other Networks

CNP fraud disputes exist across all four major card networks. Knowing the equivalents helps you build one unified fraud prevention stack:

Network Code Name Key Difference
Discover UA02 Fraud – Card Not Present This code — 30-day response window
Visa 10.4 Other Fraud – Card Not Present 30-day window; Visa Secure liability shift
Mastercard 4837 No Cardholder Authorization 45-day window; Identity Check liability shift
Amex F29 No Cardholder Authorization 20-day window; SafeKey liability shift

Common Trigger Scenarios

UA02 chargebacks arise from several patterns. Understanding which scenario applies helps you target the right evidence:

  • Account takeover fraud: A fraudster gains access to the cardholder's account and places orders using stored payment credentials.
  • Card-not-present data theft: The card number, expiration date, and CVV2 were stolen (data breach, phishing, card skimming) and used without the physical card.
  • Friendly fraud: The actual cardholder made the purchase but later claims fraud — sometimes after receiving the goods.
  • Family fraud: A family member used the card without explicit permission, and the cardholder files a dispute rather than resolving it internally.
  • Subscription billing: The cardholder disputes a renewal they forgot about or claims they never authorized recurring charges.

Key Deadlines & Timeframes

Event Timeframe Notes
Cardholder dispute filing Up to 120 days from transaction From transaction date or expected delivery date
Merchant rebuttal window 30 days from chargeback notice Missing this forfeits the dispute automatically
Second chargeback (pre-arbitration) 30 days after merchant rebuttal Discover may escalate if issuer disagrees
Arbitration filing 10 days after pre-arbitration Costly; reserve for high-value, strong-evidence cases

The 30-day merchant response window is firm. Set internal reminders the day you receive a chargeback notification — do not rely on a single email alert.

Evidence You'll Need

For CNP fraud disputes, authentication evidence is king. Organize your evidence in this priority order:

  • ProtectBuy / 3DS authentication record: If you used Discover ProtectBuy (3D Secure), provide the full authentication result — ECI value, authentication value (CAVV/AAV), and ACS transaction ID. A successful result shifts liability completely.
  • AVS and CVV2 match confirmation: Processor records showing address verification and card security code matched at time of authorization.
  • Device fingerprint and IP geolocation: Device ID, browser fingerprint, IP address, and geolocation data logged at checkout — especially useful if the IP matches the cardholder's region.
  • Prior purchase history: Records showing the same cardholder (same email, shipping address, device) completed prior transactions without dispute.
  • Order details and shipping confirmation: The full order including item description, order date, delivery address, and signed proof of delivery.
  • Login and session activity: Account creation date, login history, and session logs showing the transaction was placed through an authenticated account session.
  • Customer communication: Emails, chat logs, or support tickets referencing the order — particularly any where the cardholder referenced receipt of goods.

Build a Fraud-Proof CNP Defense Package

Our premium guide walks through every evidence type with submission-ready templates, rebuttal letter examples, and 3DS implementation advice that prevents future UA02s.

Get the CNP Fraud Defense Guide →

How Merchants Lose This Dispute

  • No 3DS authentication: Without ProtectBuy or another 3DS implementation, merchants carry the full CNP fraud risk and lose most UA02 disputes.
  • Weak AVS / CVV2 controls: Accepting orders where AVS fails or CVV2 doesn't match, then losing the dispute, is a preventable loss.
  • Missing authentication logs: 3DS data exists but wasn't stored or retrievable at dispute time — authentication without documentation is worthless.
  • Shipping to a freight forwarder: Delivering to a reshipping address or freight forwarder strongly signals fraud and undermines merchant claims of legitimate delivery.
  • Late or incomplete rebuttal: Missing the 30-day window or submitting a generic letter without supporting evidence is an automatic loss.
  • No prior purchase history: First-time orders from new accounts with no purchase history are difficult to defend as "known, authorized" customers.

Response Framework Overview

Follow this sequence when building your UA02 rebuttal:

  1. Check for ProtectBuy authentication: Pull the 3DS authentication record from your payment processor or gateway immediately. If you have a successful authentication, your case is straightforward — document and submit it.
  2. Compile verification data: Gather AVS result, CVV2 result, IP address, device fingerprint, and geolocation from your order records.
  3. Assess the scenario: Determine whether this looks like genuine fraud or potential friendly fraud based on delivery confirmation, account history, and customer communication.
  4. Write the rebuttal letter: Address each key fact — what was ordered, how it was authenticated or verified, how it was delivered, and why the transaction was legitimate.
  5. Attach all evidence: Submit in a single, organized PDF package. Label each exhibit clearly.
  6. Submit before day 30: Track the submission and confirm receipt through your processor's dispute portal.

Prevention Tips

  • Implement ProtectBuy (3DS2): This is the single most effective UA02 prevention measure. A successful ProtectBuy authentication shifts 100% of fraud liability to the card issuer.
  • Enforce AVS and CVV2 matching: Decline or review orders where AVS returns a non-match. CVV2 mismatches should trigger manual review or automatic decline.
  • Use device fingerprinting and velocity checks: Flag multiple orders from the same device using different cards, or rapid successive orders from the same IP.
  • Require account authentication for stored credentials: If you allow saved payment methods, require re-authentication (2FA/OTP) before charging a stored card.
  • Monitor for freight forwarder addresses: Cross-reference shipping addresses against known freight forwarder databases.
  • Set per-IP and per-card order limits: Velocity controls catch fraudsters placing many small orders before the cardholder notices.
  • Log and retain all session data for 18+ months: Authentication records, IP addresses, and device data must be available long after the transaction to support a dispute response.

Frequently Asked Questions

What does Discover reason code UA02 mean?

UA02 means the cardholder claims they did not authorize a card-not-present transaction — typically an online, phone, or mail-order purchase. Discover files this as a fraud dispute on the merchant's behalf.

Does 3D Secure protect against Discover UA02 chargebacks?

Yes. Discover ProtectBuy (Discover's 3DS implementation) shifts liability to the card issuer when authentication succeeds. A successful ProtectBuy authentication is one of the strongest defenses against UA02.

How long do I have to respond to a Discover UA02 chargeback?

Merchants typically have 30 days from the chargeback notification date to submit a rebuttal. Missing that window forfeits your right to dispute.

What evidence wins a UA02 dispute?

Successful ProtectBuy/3DS authentication data, AVS and CVV2 match confirmation, device fingerprinting records, signed delivery confirmation matching the billing address, and prior purchase history from the same cardholder are the strongest evidence types.

Can I win a UA02 dispute without 3D Secure?

Yes, but it is harder. Without 3DS you must rely on AVS/CVV match data, device/IP records, prior order history, and delivery confirmation. Strong circumstantial evidence across multiple factors gives you the best chance.

Ready to Win Your UA02 Dispute?

Our CNP Fraud Defense Guide includes a pre-built rebuttal letter template, evidence checklist, and step-by-step 3DS implementation guide — everything you need to fight back and prevent the next one.

Access the Full Defense Guide →

Related Codes & Resources

Related Reason Codes

Premium Resources