Reason Code UA31 Discover Fraud
Time Limit 120 days from transaction date
Response Window 30 days from dispute notification
Difficulty Hard low win rate without strong auth evidence
Win Rate ~15% with proper authentication evidence
Premium Guide Fraud Defense Full defense playbook

What Discover Reason Code UA31 Means

Discover reason code UA31, titled Fraud — EMV Counterfeit, represents the most technically sophisticated form of card-present fraud: a counterfeit chip card that was able to produce authentication data that appeared valid to the terminal but was not properly verified by the card network. This is distinct from stripe counterfeiting (UA30) because the EMV chip authentication itself was compromised or circumvented.

UA31 has the lowest win rate of all Discover card-present fraud codes because the cardholder's claim is that the EMV system itself was defeated — which the merchant is ill-positioned to disprove. Network-level investigation is typically required to determine liability.

Rare but Severe

UA31 (EMV counterfeit) is distinct from UA30 (stripe counterfeit) and is technically rare. If you receive a UA31 dispute, the claim is that the chip card itself was counterfeited at a cryptographic level. These disputes often require card network investigation and technical analysis beyond standard merchant representment. Consult your acquirer immediately upon receiving UA31.

Cross-Network Equivalent Codes

Network Code Title Notes
Discover UA31 Fraud – EMV Counterfeit This page
Visa 10.1 EMV Liability Shift Counterfeit Fraud Visa EMV counterfeit code
Mastercard 4870 Chip Liability Shift Mastercard EMV counterfeit code
Amex F10 Missing Imprint Amex card-present fraud code

Common Trigger Scenarios

  • Cloned EMV chip card with compromised cryptographic data. A fraudster created a counterfeit chip card that contained either stolen or forged chip data, allowing it to transact at EMV terminals. This is technically sophisticated and rare.
  • Terminal downgrade attack. A counterfeit card or manipulated terminal forced a transaction to process through a less secure verification path, bypassing full chip cryptographic verification.
  • Compromised chip data from skimming device. Advanced skimming devices capable of reading chip data (not just magnetic stripe) were used to clone chip information for counterfeit card creation.
  • Issuer-side key compromise. In rare cases, compromise at the issuer level may allow counterfeit chips to be created. These cases are typically resolved by the card networks rather than merchant representment.

Key Deadlines & Timeframes

Milestone Timeframe Notes
Cardholder Filing Window 120 days From the transaction date
Merchant Response Window 30 days From Discover dispute notification; confirm with your processor for internal deadlines
Pre-Arbitration 30 days If Discover rejects representment, 30 days to escalate

Evidence You Will Need

  • Complete EMV transaction log — The full electronic transaction record including all EMV data elements: ARQC, TC, TVR, TSI, and all chip authentication fields
  • Terminal EMV configuration and certification records — Proof the terminal was correctly configured for full EMV processing without any downgrade settings
  • Acquirer transaction records — Complete transaction records from your payment processor including all authorization data
  • Terminal firmware version and PCI certification — Documentation of terminal firmware version and current PCI PTS certification status
  • Network investigation request — In UA31 cases, requesting a network-level investigation through your acquirer is often appropriate given the technical complexity

Learn Exactly How to Package and Present This Evidence

The Fraud Defense Guide covers the complete evidence format for UA31 representments, how to structure your response letter, and when a dispute is better accepted than contested given your authentication data.

Learn exactly how to package and present this evidence →

How Merchants Lose This Dispute

  • Not requesting network investigation. UA31 disputes often require card network technical investigation. Merchants who attempt to handle these disputes through standard representment alone may miss the opportunity for network-level resolution.
  • Incomplete EMV data submission. Partial EMV data is insufficient. Full chip authentication fields including ARQC and cryptographic data are required for technical review.
  • Non-current terminal firmware. Terminals running outdated firmware may have vulnerabilities that allowed EMV downgrade attacks. Keeping firmware current is both a security requirement and a defense prerequisite.
  • No terminal inspection protocol. If a terminal was tampered with to enable EMV downgrade attacks, documented inspection records are the only way to show the terminal was secure at the time of the disputed transaction.

Get the Step-by-Step Winning Strategy

Our Fraud Defense Guide covers the complete UA31 representment structure and the cross-network approach for equivalent fraud codes across Visa, Mastercard, and Amex.

Get the step-by-step winning strategy →

Response Framework Overview

  1. Contact your acquirer immediately. UA31 disputes often require acquirer involvement beyond standard representment. Notify your acquirer when you receive UA31 and request guidance on network investigation options.
  2. Preserve all terminal and transaction data. Do not reset, update, or alter the terminal involved in the disputed transaction until the dispute is fully resolved. Preserve all logs.
  3. Submit complete EMV transaction data. Provide the full EMV authentication record including all chip data fields to your acquirer for submission.
  4. Document terminal security and certification. Present terminal firmware version, PCI PTS certification, and inspection records for the disputed terminal.

Prevention Tips

  • Keep terminal firmware current. Updated firmware patches known EMV vulnerabilities and maintains PCI PTS compliance. Outdated firmware creates exploitable attack surfaces.
  • Inspect terminals for tampering and unauthorized devices. Regular physical inspection of terminals — particularly high-volume self-service terminals — can detect advanced skimming or tampering hardware.
  • Use PCI PTS Point-to-Point Encryption (P2PE). P2PE encryption of card data from the point of interaction reduces the value of any card data that might be intercepted during a terminal attack.
  • Monitor for transaction pattern anomalies. Unusual transaction patterns at a specific terminal, including multiple rapid transactions on new cards, can be an early indicator of a compromised terminal.

Frequently Asked Questions

How is UA31 different from UA30?

UA30 is counterfeit magnetic stripe fraud — a cloned stripe card used at a terminal. UA31 is EMV counterfeit fraud — the chip authentication itself was defeated. UA30 is prevented by requiring chip reads; UA31 occurs even when chip was read, because the chip was itself a counterfeit that bypassed standard verification. UA31 is technically far more sophisticated and much rarer.

Why is the win rate for UA31 higher than other fraud codes?

The stated ~15% win rate for UA31 reflects that these cases sometimes result in network-level investigation that can find the liability rests with the issuer or a compromised third party. The technical complexity of EMV counterfeiting means the resolution is not always a simple merchant loss — but standard representment alone still has a very low success rate.

What should a merchant do first when receiving UA31?

Contact your acquirer immediately, preserve all terminal data and logs, and request information about whether a card network investigation is appropriate. Do not attempt to resolve UA31 through standard representment alone without acquirer guidance.

Related Codes & Resources

Discover UA30: Fraud – Counterfeit, Magnetic Stripe Discover UA18: Fraud – Chip Card, PIN Discover UA20: Fraud – Chip Card, No PIN Visa 10.4: Other Fraud – Card Absent Environment Premium Guide Access the Complete Fraud Defense Guide