Compelling Evidence 3.0 (CE 3.0)

Compelling Evidence 3.0 represents the most significant shift in Visa’s dispute rules in over a decade, specifically targeting the systematic abuse of chargeback reason code 10.4 by cardholders who claim fraud on transactions they knowingly made.

The Prior-Relationship Standard

Under CE 3.0, a merchant must produce evidence linking the disputed transaction to a pattern of prior legitimate use. The qualifying criteria are specific:

Transaction count: At least two prior non-disputed transactions within the lookback window.

Shared credential: The prior transactions must share at least one of the following with the disputed transaction: device fingerprint or device ID, IP address, or account/login credentials used on the merchant’s platform.

Clean history: None of the qualifying prior transactions may have been previously disputed or charged back.

Lookback window: Approximately 120 days prior to the disputed transaction (Visa defines this as 365 days but the practical match window for identical device/IP signals is typically 120 days given user behaviour drift).

When a CE 3.0 response is accepted by the issuer, the dispute is automatically resolved in the merchant’s favour — the chargeback liability shifts back to the issuer.

What CE 3.0 Changed

Before CE 3.0, merchants defending against first-party fraud chargebacks had limited recourse. Order confirmation emails and delivery receipts were often insufficient to counter a cardholder’s fraud claim, since the cardholder could simply maintain they did not make the purchase. CE 3.0 shifts the evidentiary burden by making device continuity and behavioural consistency the deciding factors.

Operator Implementation Requirements

CE 3.0 is only effective if the merchant captures and retains device-level transaction data. Operators must ensure:

• Device fingerprinting is active on checkout and stored against each transaction record.
• IP addresses are captured at transaction time and retained.
• The data is linked to both the card number and account login credential across the transaction history.
• The chargeback management workflow can surface CE 3.0-eligible prior transactions within dispute response windows (typically 30 days).

Merchants without persistent device-session logging cannot use CE 3.0 regardless of how clear the first-party fraud pattern appears to an analyst.