Friendly Fraud vs True Fraud: How High-Risk Merchants Tell the Difference

TL;DR: Friendly fraud, where a legitimate cardholder disputes a valid transaction, accounts for up to 75% of all chargebacks in high-risk verticals. True fraud is an unauthorised transaction by a bad actor. Telling them apart determines whether you fight the dispute or write it off, and getting it wrong costs money either way.
Not every chargeback is the same, and for high-risk merchants, treating them all identically is one of the most expensive mistakes in payment processing. Two fundamentally different problems hide behind the same chargeback notification: true fraud committed by criminals, and friendly fraud committed by your own customers.
Misidentifying one for the other means either wasting resources disputing unwinnable cases or surrendering revenue on disputes you should have fought. This guide breaks down how to tell them apart, what signals to look for, and how to build detection into your merchant services infrastructure.

What Is True Fraud?


True fraud, also called criminal fraud or unauthorised fraud, occurs when a transaction is made without the genuine cardholder's knowledge or consent. A third party has obtained the card details through theft, phishing, data breaches, or card skimming and used them to make purchases.
The cardholder had no involvement in the transaction and has a legitimate claim when they dispute it.
Common True Fraud Scenarios for High-Risk Merchants
- Card-not-present (CNP) fraud: Stolen card details used in online transactions through your payment gateway
- Account takeover (ATO): A fraudster gains access to an existing customer account and makes purchases
- Synthetic identity fraud: Fabricated identities used to open accounts and make purchases before disappearing
- Phishing-sourced card data: Card credentials harvested via phishing campaigns and used across multiple merchants
- Data breach replay attacks: Stolen card batches from third-party breaches tested against high-risk merchant sites
Scale of True Fraud in 2026
According to the Nilson Report, card-not-present fraud losses globally reached $34 billion in 2025, with high-risk e-commerce verticals (gambling, adult, nutraceuticals, digital goods) accounting for a disproportionate share due to the anonymous, digital nature of their transactions. CNP fraud rates in high-risk categories run 3–5x higher than low-risk e-commerce averages.

What Is Friendly Fraud?


Friendly fraud occurs when a genuine, authorised cardholder (someone who actually made and received the purchase) disputes the transaction with their bank, falsely claiming it was unauthorised or that the product/service was not delivered.
The transaction was entirely legitimate. The fraud is the dispute itself.
Why Cardholders Commit Friendly Fraud
- Buyer's remorse: They regret the purchase but find disputing easier than requesting a refund
- Family disputes: A family member made the purchase without telling the account holder (common in gaming and subscription verticals)
- Subscription confusion: They forgot about a recurring billing and dispute it rather than cancel
- Deliberate exploitation: They know the dispute system favours cardholders and exploit it for free goods or services
- Descriptor confusion: The merchant name on their statement doesn't match what they remember buying
The Scale of Friendly Fraud
Friendly fraud is the dominant chargeback threat for high-risk merchants in 2026. Chargebacks911's most recent industry data estimates that 60–75% of all chargebacks in high-risk verticals are friendly fraud: legitimate transactions disputed by actual customers. For subscription-based businesses and digital goods merchants, that figure can exceed 80%.
The global cost of friendly fraud to merchants is estimated at $100 billion annually by Juniper Research, a figure that has grown consistently year over year as consumer awareness of the dispute process has increased.

Friendly Fraud vs True Fraud: Key Differences


| Factor | True Fraud | Friendly Fraud |
| --- | --- | --- |
| Who initiated the transaction? | A criminal using stolen card data | The genuine cardholder |
| Did the cardholder receive the product/service? | No - they didn't know about it | Yes - they made and received the purchase |
| Dispute reason stated | "I didn't authorise this" | "Not received" / "Not as described" / "Cancelled" |
| Chargeback reason codes | Visa 10.4, MC 4863 | Visa 13.1, 13.2, 13.7 / MC 4853, 4855 |
| Recurrence from same customer? | Unlikely - card is cancelled | Possible - serial friendly fraudsters repeat |
| Representment win rate | 20–35% (harder to win) | 35–60% (stronger evidence available) |
| Prevention tool | 3DS2, fraud screening, AVS | Clear T&Cs, delivery proof, alert networks |
| Alert network interception? | Sometimes | Yes - Ethoca and CDRN highly effective |

How to Tell the Difference: Detection Signals


The chargeback notification itself rarely tells you which type of fraud you're dealing with. The reason code provides a starting point, but the real classification work happens in your transaction data.
Signals That Point to True Fraud
- AVS mismatch: The billing address provided doesn't match the cardholder's bank records
- CVV failure on initial attempt: Multiple CVV attempts before a successful authorisation
- Unusual device or location: Transaction originates from a country or device inconsistent with the customer's history
- New account + high-value transaction: Account created immediately before a large purchase
- Multiple cards, same device: Several different cards tested from the same device fingerprint
- Velocity patterns: Rapid successive transactions across multiple accounts from the same IP
- No prior purchase history: First-ever transaction from this customer on a high-value item
- Failed 3DS authentication followed by successful retry: Suggests credential stuffing
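
The "multiple cards, same device" and repeated-decline signals can be checked directly against authorisation logs. The following is an added example, not code from the original article; the event fields, the 10-minute window and the three-card threshold are assumptions, and the log is constructed.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed authorisation log: (time, device fingerprint, card token, outcome)
EVENTS = [
    ("2026-01-10T12:00:05", "dev-7f3a", "tok_01", "cvv_fail"),
    ("2026-01-10T12:00:40", "dev-7f3a", "tok_02", "declined"),
    ("2026-01-10T12:01:15", "dev-7f3a", "tok_03", "cvv_fail"),
    ("2026-01-10T12:02:30", "dev-7f3a", "tok_04", "approved"),
    ("2026-01-10T12:05:00", "dev-22c1", "tok_09", "cvv_fail"),   # one customer mistyping a CVV
    ("2026-01-10T12:05:30", "dev-22c1", "tok_09", "approved"),
    ("2026-01-10T09:00:00", "dev-91be", "tok_20", "approved"),   # shared household device,
    ("2026-01-10T13:00:00", "dev-91be", "tok_21", "approved"),   # three cards spread over
    ("2026-01-10T18:00:00", "dev-91be", "tok_22", "approved"),   # the whole day
]

def card_testing_devices(events, window=timedelta(minutes=10), min_cards=3):
    """Flag devices that try >= min_cards distinct cards inside one sliding window."""
    by_device = defaultdict(list)
    for ts, device, card, outcome in events:
        by_device[device].append((datetime.fromisoformat(ts), card, outcome))

    flagged = {}
    for device, rows in by_device.items():
        rows.sort()                      # chronological order
        start, best = 0, (0, 0)          # best = (distinct cards, declines)
        for end in range(len(rows)):
            # Shrink the window until it spans at most `window` of time.
            while rows[end][0] - rows[start][0] > window:
                start += 1
            span = rows[start:end + 1]
            cards = len({card for _, card, _ in span})
            declines = sum(outcome != "approved" for _, _, outcome in span)
            best = max(best, (cards, declines))
        if best[0] >= min_cards:
            flagged[device] = {"cards": best[0], "declines": best[1]}
    return flagged

if __name__ == "__main__":
    print(card_testing_devices(EVENTS))
```

Only the device that cycles through four cards in under three minutes is flagged; the single retried CVV and the household device spread over a day are not.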
Signals That Point to Friendly Fraud
- Successful 3DS2 authentication: The genuine cardholder authenticated the transaction; an unauthorised third party couldn't have done this
- Prior purchase history: The cardholder has transacted with you multiple times before
- Digital access logs: Account login and service usage after the disputed transaction date
- Delivery confirmation: Signed delivery or digital access record exists
- Customer service interaction: The customer contacted support after purchase (they knew about it)
- IP/device match: Transaction originated from the customer's known device and location
- Dispute filed after refund policy expiry: Timing suggests the customer waited until they couldn't get a normal refund
- Similar past disputes from same customer: Serial friendly fraud patterns visible in your CRM
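
The two signal lists above can be combined into a first-pass triage of an incoming dispute. This is an added example, not code from the original article; the field names, the equal weighting of signals, the high-value cut-off and the two-signal margin are all assumptions, and the sample dispute is constructed.

```python
from dataclasses import dataclass
# Reason codes grouped as in the article's comparison table.
TRUE_FRAUD_CODES = {"10.4", "4863"}
FRIENDLY_CODES = {"13.1", "13.2", "13.7", "4853", "4855"}

@dataclass
class Dispute:  # field names are assumptions for this example
    reason_code: str
    avs_match: bool
    cvv_failures: int          # failed CVV attempts before authorisation
    three_ds_ok: bool          # 3DS2 authentication succeeded
    prior_orders: int
    device_known: bool         # purchase device seen on earlier orders
    account_age_days: int
    amount: float
    logins_after: int          # logins/usage after the disputed purchase
    support_contacts: int      # support contacts after the purchase
    delivered: bool
    past_disputes: int

def triage(d, high_value=200.0, margin=2):
    """Return (label, true_fraud_signals, friendly_fraud_signals); close calls go to a human."""
    true_checks = [
        (d.reason_code in TRUE_FRAUD_CODES, "fraud reason code"),
        (not d.avs_match, "AVS mismatch"),
        (d.cvv_failures >= 2, "repeated CVV failures"),
        (not d.device_known, "unfamiliar device"),
        (d.account_age_days < 1 and d.amount >= high_value, "new account, high value"),
        (d.prior_orders == 0, "no purchase history"),
    ]
    friendly_checks = [
        (d.reason_code in FRIENDLY_CODES, "service/cancellation reason code"),
        (d.three_ds_ok, "3DS2 authenticated"),
        (d.prior_orders >= 2, "prior purchase history"),
        (d.logins_after > 0, "usage after purchase"),
        (d.delivered, "delivery confirmed"),
        (d.support_contacts > 0, "contacted support"),
        (d.device_known, "known device"),
        (d.past_disputes > 0, "earlier disputes"),
    ]
    t = [name for hit, name in true_checks if hit]
    f = [name for hit, name in friendly_checks if hit]
    diff = len(f) - len(t)
    if abs(diff) < margin:
        return "manual review", t, f
    return ("likely friendly fraud" if diff > 0 else "likely true fraud"), t, f

# Constructed sample: filed as "unauthorised", yet 3DS2, usage and history point the other way.
SAMPLE = Dispute("10.4", True, 0, True, 5, True, 400, 60.0, 4, 1, True, 1)
```

`triage(SAMPLE)` labels the dispute as likely friendly fraud despite its 10.4 reason code, and the returned signal lists double as a checklist for the representment evidence package.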

Detection Tools That Help High-Risk Merchants Classify Fraud


Building the ability to classify fraud type at scale requires tools integrated across your payment processing stack.
3D Secure 2.0 (3DS2)
3DS2 is the single most powerful tool for distinguishing true fraud from friendly fraud in card-not-present environments. When a transaction is successfully authenticated via 3DS2, the liability for fraud-based chargebacks shifts from the merchant to the issuing bank. A chargeback filed on a 3DS2-authenticated transaction is almost certainly friendly fraud, and is significantly easier to win in representment.
All high-risk merchants processing online payments should have 3DS2 enabled at the payment gateway level in 2026. It is no longer optional.
Device Fingerprinting
Device fingerprinting assigns a unique identifier to each device used to transact. Matching the device fingerprint at dispute time to the device used at purchase, combined with IP geolocation, helps confirm whether the genuine cardholder was present at the transaction.
Fraud Scoring Platforms
Tools like Kount, Sift, and Signifyd assign real-time fraud scores to transactions based on hundreds of behavioural and identity signals. High fraud scores at transaction time correlate with true fraud; low scores on disputed transactions suggest friendly fraud.
Chargeback Alert Networks
Ethoca Alerts and Verifi CDRN intercept disputes before they become formal chargebacks, and the nature of the alert itself can help classify fraud type. Alerts arriving within hours of purchase often indicate true fraud (the cardholder noticed immediately); alerts arriving weeks after delivery more often indicate friendly fraud.
CRM and Order Management Integration
Your CRM holds the most valuable friendly fraud evidence: login records, support interactions, usage data, and purchase history. Integrating your CRM with your chargeback management workflow allows automatic evidence retrieval when a dispute arrives, dramatically improving classification speed and representment quality.

How to Respond Differently to Each Fraud Type


Getting the classification right determines your response strategy.
Responding to True Fraud
- Accept or dispute selectively: True fraud chargebacks are harder to win, especially without 3DS2 authentication. Evaluate representment ROI carefully.
- Block the card and account: Add the card BIN and associated account to your fraud blocklist immediately
- Review related transactions: Check whether the same stolen card data was used across multiple transactions
- Report to your payment provider: Flag confirmed fraud to your payment gateway and acquirer; it assists network-level fraud intelligence
- Analyse the breach vector: Understand how the fraudster obtained the card data; patch the vulnerability
Responding to Friendly Fraud
- Dispute via representment: Friendly fraud is the most winnable chargeback category; fight it with your evidence package
- Use chargeback alert networks: Ethoca and CDRN intercept friendly fraud disputes most effectively, giving you the refund window to resolve before formal chargeback
- Document serial offenders: Flag customers with repeat dispute patterns in your CRM and consider blocking future purchases
- Improve descriptor clarity: Many friendly fraud disputes originate from customers not recognising your billing descriptor; ensure it matches your brand name clearly
- Strengthen cancellation flows: Clear, frictionless cancellation reduces "I didn't cancel" friendly fraud in subscription merchant accounts

Pros and Cons of Current Fraud Classification Methods


What Works Well
- 3DS2 authentication creates a near-definitive friendly fraud signal when successful
- Device fingerprinting and behavioural analytics reliably flag true fraud at transaction time
- CRM integration makes friendly fraud evidence retrieval fast and scalable
- Alert networks (Ethoca + CDRN) intercept a significant share of friendly fraud before formal chargeback
Current Limitations
- True fraud classification is harder without 3DS2; not all issuers and regions fully support it yet
- Serial friendly fraudsters are becoming more sophisticated; some deliberately replicate true fraud behaviour patterns
- Device spoofing and VPN use can obscure device and location signals
- False positive fraud scoring can block legitimate high-value customers, a particular risk in offshore merchant environments with diverse customer geographies
- No single tool provides definitive classification; accurate fraud typing requires multiple data points working together

Fraud Classification by High-Risk Vertical


| Vertical | Dominant Fraud Type | Primary Detection Signal | Recommended Tool |
| --- | --- | --- | --- |
| Online Gambling | Friendly fraud (80%+) | Login/session records, 3DS2 | CRM integration + Ethoca/CDRN |
| Nutraceuticals | Friendly fraud (70%) | Delivery proof, usage data | CDRN + chargeback management platform |
| Adult Content | Friendly fraud (75%) | Access logs, 3DS2 auth | Ethoca + 3DS2 |
| Forex / CFD | True fraud (higher than avg) | ATO signals, velocity patterns | Fraud scoring (Kount/Sift) + 3DS2 |
| Digital Goods | Mixed - both significant | Device fingerprint, velocity | Full fraud stack required |
| Subscription SaaS | Friendly fraud (65–75%) | Usage records, cancellation logs | CDRN + CRM integration |

Frequently Asked Questions


Q: Can a transaction be both true fraud and friendly fraud?
A: No, they are mutually exclusive. True fraud means an unauthorised party made the transaction; friendly fraud means the actual cardholder made it and then disputed it falsely. However, classification isn't always straightforward, which is why multiple detection signals are needed.
Q: Does 3DS2 eliminate true fraud chargebacks?
A: It shifts the liability for fraud-based chargebacks to the issuing bank, meaning the merchant isn't financially responsible. But it doesn't prevent the dispute from being filed; it just changes who absorbs the loss.
Q: Can offshore merchants access the same fraud detection tools?
A: Yes. Most fraud scoring platforms, device fingerprinting tools, and chargeback alert networks are available to offshore merchants through their payment gateway or payment provider integrations.
Q: How does friendly fraud affect my merchant account standing?
A: Every chargeback, regardless of type, counts against your chargeback ratio. Visa's threshold is 1% and Mastercard's is 1.5%. Exceeding these triggers monitoring programmes with escalating fines, regardless of whether the chargebacks are true or friendly fraud.
Q: What's the best single investment a high-risk merchant can make to reduce fraud losses?
A: 3DS2 implementation. It simultaneously reduces true fraud liability, generates authentication evidence for friendly fraud disputes, and signals compliance maturity to your payment processing partners and acquirers.

Final Thoughts


For high-risk merchants, the difference between friendly fraud and true fraud isn't academic: it determines your response strategy, your representment approach, and ultimately your merchant account health. The merchants who build classification capability into their payment processing infrastructure recover more revenue, fight the right disputes, and maintain the chargeback ratios that keep their acquiring relationships intact.
→ Explore TheFinRate's directory of fraud detection tools and high-risk payment providers to build a complete fraud classification stack for your business. https://thefinrate.com/friendly-fraud-vs-true-fraud-how-high-risk-merchants-tell-the-difference/
