Mastercard Mastercom Dispute Categories Reference
Mastercard Mastercom dispute categories — all 7 codes, cardholder filing windows, merchant response deadlines, and ECP/HECM thresholds as of 2026.
Mastercard Mastercom: 4 categories, 7 active codes, 45-day merchant response window. Auth and POI Error: 90-day filing window. Fraud and Cardholder Disputes: 120 days. ECM at 100+ chargebacks + 1.5–2.99% ratio; HECM at 300+ and ≥3.00%.
A reference map of every active Mastercard Mastercom dispute code as of mid-2026, with cardholder filing windows, merchant response deadlines, defence notes, and monitoring program thresholds. For the narrative explanation — how Mastercom compares to Visa VCR, how Ethoca Alerts and CDRN work at the pre-dispute stage, and what the 2024 arbitration changes mean operationally — see Scheme Chargeback Rules in 2026.
Quick reference: all active codes
| Code | Category | Name | Cardholder filing window | Merchant response window |
|---|---|---|---|---|
| 4808 | Authorization | Required Authorization Not Obtained | 90 days | 45 days |
| 4834 | Point-of-Interaction Error | POI Error | 90 days | 45 days |
| 4837 | Fraud | No Cardholder Authorization | 120 days (up to 540 in select cases) | 45 days |
| 4870 | Fraud | Chip Liability Shift | 120 days | 45 days |
| 4841 | Cardholder Disputes | Cancelled Recurring Transaction or Digital Goods | 120 days | 45 days |
| 4853 | Cardholder Disputes | General Cardholder Dispute | 120 days | 45 days |
| 4855 | Cardholder Disputes | Goods or Services Not Provided | 120 days | 45 days |
The 45-day merchant response window across all Mastercard categories is 15 days longer than Visa’s 30-day window. Evidence collection should begin the moment the notification arrives, not when the deadline approaches.
Authorization — Code 4808
Disputes filed when no valid authorization was obtained, when the protection period has expired, or when multiple authorizations were incorrectly requested for a single transaction.
| Sub-condition | Typical trigger | Defence notes |
|---|---|---|
| Required authorization not obtained | Transaction processed without an authorization code | Provide the authorization approval record from your PSP or acquirer showing the auth code was obtained before capture |
| Expired protection period | Authorization obtained but not used within the validity window | Document the transaction was captured within the authorization validity period; re-authorize proactively if timeline was at risk |
| Multiple authorization requests | Multiple authorizations requested for a single transaction amount | Document the single valid authorization used; confirm others were voided or not captured against |
Point-of-Interaction Error — Code 4834
Processing errors at the point of transaction — duplicates, amounts that differ from the authorized value, transactions already settled by another method, and ATM-related issues.
| Sub-condition | Typical trigger | Defence notes |
|---|---|---|
| Duplicate processing | Same transaction submitted twice | Provide distinct order IDs and timestamps proving separate transactions; or confirm a refund was issued for the duplicate |
| Paid by other means | Transaction charged after customer already settled by cash, another card, or a prior refund | Provide evidence no other payment was accepted for the same order; or confirm which transaction is the legitimate one |
| Amount differs from authorized amount | Capture amount exceeds authorized amount | Show authorization and capture records match; for legitimately variable amounts (tips, fuel, hotel incidentals), cite applicable Mastercard authorization rules for that merchant category |
| Late presentment | Transaction presented outside the allowable presentment window | Limited defence surface — primarily an acquirer/processor-level issue; document processing timestamps to show timely presentment |
| ATM processing error | Incorrect amount dispensed or debited at ATM | ATM transaction log documentation; resolution typically involves acquirer or issuer rather than merchant |
Fraud — Codes 4837 and 4870
| Code | Name | Trigger | Defence notes | Key notes |
|---|---|---|---|---|
| 4837 | No Cardholder Authorization | Cardholder claims the transaction was unauthorized | Transaction-level evidence: device fingerprint, IP address, account history showing prior undisputed transactions from the same cardholder, delivery confirmation to cardholder address, billing/shipping address match | Primary Mastercard fraud code — the analogue to Visa 10.4. No Compelling Evidence equivalent exists for Mastercard; defence relies entirely on transaction-level documentation. 120-day filing window; up to 540 days in select jurisdictions or for cases involving underage cardholders. |
| 4870 | Chip Liability Shift | Counterfeit or altered chip card used at a terminal that did not correctly process the EMV chip | Document that the terminal is EMV-capable and that the chip was read correctly; provide EMV cryptogram data if available from your acquirer | Liability shifts toward the acquirer/merchant if the terminal failed to process the chip. Limited defence surface if the terminal was not EMV-capable at the time of the transaction. |
Cardholder Disputes — Codes 4841, 4853, 4855
All three carry 120-day cardholder filing windows and 45-day merchant response windows. These are the Mastercard equivalents of Visa’s Collaboration-workflow consumer dispute codes.
| Code | Name | Trigger | Defence notes |
|---|---|---|---|
| 4841 | Cancelled Recurring Transaction or Digital Goods | Transaction charged after cardholder cancelled a recurring arrangement, or digital goods not delivered as described | Cancellation policy acknowledged at sign-up; timestamp showing the charge was initiated before the cancellation request; digital delivery log confirming goods were delivered and accessed by the cardholder |
| 4853 | General Cardholder Dispute | Broad umbrella code — merchandise or services materially different from description, credit not processed, damaged goods, quality issues | The hardest code to defend without category-specific evidence. Respond to the cardholder’s specific stated claim; use product photos, correspondence records, return policy documentation, and delivery confirmation to address the particular issue raised — generic templates perform poorly here |
| 4855 | Goods or Services Not Provided | Cardholder claims goods or services were not delivered or not available | Physical goods: tracking number, delivery confirmation, signature if required. Digital/SaaS: access logs, login timestamps, activation confirmation. Services: booking confirmation, service completion record |
For SaaS and subscription operators, 4841 (cancelled recurring) typically runs alongside 4837 as the highest-volume Mastercard codes. For physical e-commerce, 4855 (not provided) mirrors Visa’s 13.1 exposure. 4853 acts as a catch-all — claims that don’t fit neatly elsewhere route here.
ECP and HECM monitoring thresholds
Both conditions must be met simultaneously — a volume spike without a chargeback ratio breach, or a ratio breach with low volume, does not trigger the program.
| Program | Chargebacks (month X) | Ratio | Monthly fine | Fine escalation |
|---|---|---|---|---|
| ECM (Excessive Chargeback Merchant) | ≥100 | 1.5%–2.99% | Up to $1,000 (months 1–3) | Escalates after month 3 |
| HECM (High Excessive Chargeback Merchant) | ≥300 | ≥3.00% | 2× ECM rate | Maximum $200,000/month |
Ratio formula: chargebacks in month X ÷ sales in month X−1 (one-month lag in the denominator). A high-volume month suppresses your ratio the following month; a low-volume month amplifies it.
Mastercard has not announced a threshold reduction for 2026. The ECP/HECM structure has been stable since 2023 — in contrast with Visa’s VAMP merchant threshold dropping from 2.2% to 1.5% in April 2026.
Changes that matter (2024–2026)
| Date | Change | Operator impact |
|---|---|---|
| June 11, 2024 | TLID (Transaction Linkage ID, 22 characters) introduced | Required across authorization, clearing, and single message systems to link original and related transactions. PSPs that haven’t updated their integration will produce matching failures in recurring and related-transaction disputes |
| October 2024 | Arbitration: 10-calendar-day acquirer rejection window removed | Acquirers can no longer reject or delay accepting arbitration case filings; dispute resolution timelines effectively compress on contested cases |
| June 17, 2025 | Authorization type must be explicitly identified as pre-authorization or final | The previous “undefined” authorization type is no longer accepted by Mastercard processing systems — affects operators using pre-auth flows for hotels, car rentals, or estimated final charges |
Operator watchouts
- 4853 is the widest target. The general dispute code accepts claims that don’t fit cleanly elsewhere — response teams need to address the cardholder’s specific stated reason, not a generic template. Win rates on 4853 vary more than any other code and depend entirely on matching the evidence to the specific claim.
- 45-day window is longer than Visa’s but shouldn’t create complacency. Evidence has its own decay window — delivery confirmations, cancellation logs, access records, correspondence — that closes before the dispute response deadline. Start collecting immediately.
- Both ECP and HECM conditions must be met simultaneously. Volume without ratio breach, or ratio breach at low volume, does not trigger either program. Track both dimensions independently rather than relying on a single blended ratio metric.
- Ratio uses month X−1 sales in the denominator. Seasonal low-volume months (holiday shutdown, off-peak periods) amplify your dispute ratio the following month even without any change in absolute dispute volume. Build this lag into your monitoring model.
- TLID matching is now required. If your acquirer or PSP hasn’t updated to include TLID across auth, clearing, and single-message flows, you’ll face linking failures in recurring-transaction disputes — these surface as documentation gaps at the arbitration stage.
- No CE 3.0 equivalent exists for Mastercard. Visa’s automated dispute deflection mechanism for 10.4 has no Mastercard analogue. 4837 defences rely entirely on transaction-level evidence — there is no historical-transaction-based auto-qualification path.
Related references
- Scheme Chargeback Rules in 2026 — narrative context: Mastercom overview, how Ethoca Alerts and CDRN work, CE 3.0 comparison, and the full 2024–2025 change timeline.
- Visa Reason Codes: The Complete VCR Map — Visa scheme equivalent reference page.
- VAMP Operator Guide — Visa’s monitoring program; useful context for ECP/HECM comparison.
- Chargeback Representment Playbook — defence strategy by dispute type.
- True Cost of a Chargeback — break-even model for fight-or-accept decisions across dispute categories.
- AI Chargeback Representment Automation — automating evidence assembly for high-volume 4837 and 4841 disputes.
For term definitions — chargeback, dispute, chargeback ratio, chargeback representment — see the Payments Glossary.
By Shaun Toh · Director, Digital Payments · Razer Subscribers get the PSP Selection RFP Kit — 60+ structured questions, evaluation scorecard, and negotiation playbook — delivered to your inbox instantly.