Merchants Need to Know About TC40 & SAFE Data to Avoid Fraud Surprises
Most retail merchants may not have heard the terms TC40 data or SAFE data, but they’re important terms you should know because they can be detrimental to your company’s performance and financial health.
TC40 and SAFE are the names of fraud reports used by Visa and Mastercard, respectively, as a way to help Visa and Mastercard reduce fraud. But if merchants aren’t aware of what TC40 or SAFE (System to Avoid Fraud Effectively) data is used for, you could end up suffering some big losses and even earn a placement in Visa and Mastercard’s fraud monitoring programs. (Hint: You don’t want that.)
When a bank records an instance of fraud, the bank collects all the details about the purchase and then shares it with the card network (i.e. Visa and Mastercard). When the card network receives the information, it gets filed into their fraud report, Visa into their TC40 system, Mastercard’s into its SAFE system.
Banks are required to report all instances of legitimate fraud, although reporting chargebacks are optional. That’s because some chargebacks, such as QSR friendly fraud, are actually cheaper for the banks to reimburse the cardholder than it is to report the chargeback. (Once this system becomes automated, however, and artificial intelligence is brought to bear on this issue, we expect chargebacks to become an automatic report.)
If there are too many problems, or if your chargeback-to-transaction ratio is too high, you could find yourself enrolled in a fraud monitoring program. However, this is not something that’s necessarily beneficial to you. It’s like being put on double secret probation.
Being in a fraud monitoring program often means paying higher fees and taking extra administrative steps, like filling out extra paperwork and taking additional security measures. And if you can’t work your way off the double secret probation, your merchant services accounts could even be cancelled.
However, and this is the worst part, everyone in the payment chain will often know there’s a fraud problem except for the merchants.
When a fraud report is filed, the issuing bank collects the TC40/SAFE data and submits it to Visa or Mastercard. They add that data to their report, and then distribute the transactions to corresponding acquiring banks. Except acquiring banks rarely share this fraud data back with the merchants, so the merchants don’t even know a report has been made.
That means if the merchants can’t access their fraud data, and they’re not learning about chargebacks because the banks are just paying off smaller amounts, a merchant’s fraud problem could grow to an unacceptable rate right under their noses. And they won’t know how big the problem is until they’re suddenly enrolled in Visa’s or Mastercard’s fraud monitoring program.
Photo credit: Scott Brody (Wikimedia Commons, Creative Commons 4.0)
We appreciate you following Corepay’s blog. Let’s collaborate, send us your article suggestions, questions, and/or feedback to: [email protected].