What Visa Reason Code 10.2 Means
Visa reason code 10.2 is titled EMV Liability Shift — Non-Counterfeit Transaction. Like 10.1, it falls under Visa's Fraud category and applies to card-present transactions only. The distinction is critical: where 10.1 involves a cloned or counterfeit card, 10.2 involves the actual physical card being used fraudulently — typically a lost or stolen card presented by someone other than the legitimate cardholder.
The liability shift mechanics are the same. If you did not read the EMV chip — if the transaction was swiped or manually entered while the card is chip-enabled — and fraud occurred, you bear the loss. But if the chip was read and the issuer approved the transaction, the liability question becomes more nuanced, and additional evidence such as PIN verification or cardholder presence documentation becomes important.
Code 10.2 is specifically for the non-counterfeit scenario — the genuine card was physically used, just not by its owner. If the card was cloned and a counterfeit was used, that is 10.1. The defense differs: for 10.2, PIN verification records, ID check documentation, and security footage are your best tools. For 10.1, EMV chip authorization data is primary.
Cross-Network Equivalent Codes
| Network | Code | Title | Notes |
|---|---|---|---|
| Visa | 10.2 | EMV Liability Shift – Non-Counterfeit Transaction | This page |
| Mastercard | 4870 | Chip Liability Shift | Covers both counterfeit and non-counterfeit EMV scenarios |
| Amex | F30 | EMV Counterfeit Transaction | Amex uses one code for both scenarios; similar defense approach |
| Discover | UA01 | Fraud – Card Present Transaction | Broad code covering in-person fraud including lost/stolen |
Common Trigger Scenarios
- Lost or stolen card used at your terminal. The cardholder's wallet was stolen and the thief used the physical card at your store before the cardholder noticed and reported it. The card is genuine, but the person presenting it is not the cardholder.
- Card used without PIN by a family member. A household member used the cardholder's card without permission. The cardholder files a dispute claiming non-authorization. These cases are often difficult to distinguish from legitimate fraud.
- Swipe fallback on a stolen chip card. A stolen card was swiped at your terminal instead of being chip-read, removing the authentication layer that might have required PIN. The thief exploited fallback mode to bypass the chip.
- Signature bypass on a contactless transaction. A high-value contactless transaction was approved without signature or PIN, leaving no identity verification record. If the card was stolen, you have little defense.
- Cardholder disputes after recognizing transaction they forgot. Some 10.2 filings are friendly fraud — the cardholder did make the purchase but claims they didn't recognize it, or a family member made a disputed purchase with the cardholder's knowledge after the fact.
Key Deadlines & Timeframes
| Milestone | Timeframe | Notes |
|---|---|---|
| Cardholder Filing Window | 120 days | From transaction processing date |
| Merchant Response Window | 30 days | From acquirer receipt; check your processor's internal deadline |
| Pre-Arbitration | 30 days | After representment rejection |
| Arbitration Filing | 10 days | After pre-arbitration rejection |
Evidence You Will Need
For 10.2, identity verification evidence is as important as EMV chip data. Gather both categories before drafting your response.
- EMV chip authorization data confirming the chip was read (not swiped or manually entered) for the disputed transaction
- PIN verification record showing online or offline PIN was successfully entered — this is the single strongest piece of identity evidence available for card-present fraud disputes
- Signed receipt bearing a signature that can be compared to the cardholder's signature on file, if your terminal requires signature
- ID verification record if your staff required and recorded government-issued ID at time of purchase, particularly for high-value transactions
- Security camera footage showing the person at the point of sale — preservable evidence that demonstrates physical cardholder presence, if the cardholder's appearance is distinguishable
- Any cardholder communication after the transaction that implies they were aware of or party to the purchase
Learn Exactly How to Package and Present This Evidence
The Fraud Defense Guide covers how to structure PIN verification evidence, how to handle situations where you have partial evidence, and the narrative format that Visa reviewers find most persuasive for 10.2 disputes.
Learn exactly how to package and present this evidence →How Merchants Lose This Dispute
- Providing chip data without identity evidence. Showing that the chip was read proves authentication occurred, but it does not prove the legitimate cardholder was present. For 10.2, you need to address the identity question directly, not just the authentication question.
- Relying on signature when it's illegible or missing. A blank signature line or an unreadable scrawl does not rebut an unauthorized use claim. If you require signatures, ensure they are captured clearly and retained.
- No security camera system or footage already overwritten. Many merchants discover their camera footage has a 7-14 day retention cycle after the chargeback arrives weeks later. Set retention periods to at least 90 days for high-risk transaction categories.
- Fighting clearly valid stolen card fraud. When a card was genuinely stolen and used before the cardholder could report it, these disputes are nearly impossible to win without PIN. Assess your evidence honestly before spending time on representment.
Get the Step-by-Step Winning Strategy
Our Fraud Defense Guide includes the exact evidence hierarchy for 10.2 disputes, PIN verification documentation language, and how to combine partial evidence into a compelling representment.
Get the step-by-step winning strategy →Response Framework Overview
- Establish that the chip was read. Lead with EMV authorization data confirming chip-and-pin or chip-and-signature processing occurred, not a magnetic stripe swipe.
- Present PIN verification if available. If PIN was entered and verified, state this explicitly and include the authorization record confirming PIN validation.
- Document any ID verification. If your staff required ID, include a record of the ID check (type of ID presented, last 4 digits of ID number if captured).
- Reference the signed receipt. Attach the receipt showing cardholder signature and transaction details.
- Address the identity claim directly. Do not ignore the fraud allegation — explicitly state that your records show authentication was performed and identity was verified per your standard protocols.
Prevention Tips
- Require PIN for all chip transactions where possible. Chip-and-PIN is far more defensible than chip-and-signature. If your terminal and acquirer support PIN CVM, enable it, especially for high-value transactions.
- Implement ID checks for transactions above your risk threshold. Requiring government-issued ID for purchases above $100 or $200 adds a meaningful identity layer that can win disputes outright.
- Set camera footage retention to 90+ days. Chargeback disputes often arrive 30-60 days after the transaction. If your cameras overwrite footage in 14 days, you lose potentially decisive evidence every time.
- Train staff to recognize suspicious behavior. Nervousness, inability to recall the last 4 digits, or insistence on swiping instead of chipping are warning signs. A declined-to-train transaction prevented is a chargeback avoided.
Frequently Asked Questions
What is the difference between 10.1 and 10.2?
Code 10.1 involves a counterfeit (cloned) card — a duplicate of the cardholder's card created through skimming or data theft. Code 10.2 involves the actual physical card being used fraudulently — typically a lost or stolen card presented by someone other than the cardholder. The liability shift logic is similar, but 10.2 opens different defense angles, including PIN verification and cardholder behavior evidence.
Can PIN verification protect me from a 10.2 chargeback?
PIN verification is one of the strongest defenses available for 10.2. If the transaction required and received a correct PIN entry, this is compelling evidence that the legitimate cardholder or someone with their knowledge authorized the transaction. Online PIN verification (verified by the issuer) is particularly strong. Offline PIN is somewhat weaker but still useful.
Is 10.2 limited to card-present transactions?
Yes. Code 10.2 applies exclusively to card-present, in-person transactions where the physical card was used. Card-not-present fraud disputes fall under Visa 10.4. If a lost or stolen card number is used online, that is a different code entirely.
Does security camera footage help with a 10.2 dispute?
Yes, significantly. If you have footage showing the cardholder at your location at the time of the transaction, that directly contradicts a lost/stolen card claim. Even footage showing a person whose appearance matches the billing address name and ID presented can strengthen your case, though privacy considerations apply to how you handle and present such footage.