Liability shift for cards

From the date you're enabled for 3DS authentication, you are no longer liable for certain fraudulent chargebacks when a cardholder denies they made the purchase.

Liability shift rules

The following tables show the general eligibility of transactions for liability shift for both personal and commercial cards. These rules apply to Visa and Mastercard for any region, to American Express for Safekey supported regions, and to JCB for J/Secure supported regions:

3DS Flex response table

ThreeDSecure Result<eci>Eligible for liability shift?
Cardholder authenticated
  • 05
  • 02 (Mastercard)
Y
Authentication offered but not used
  • 06
  • 01 (Mastercard)
Y
Authentication unavailable
  • 07
  • 00 (Mastercard)
N
Failed
  • 07
  • 00 (Mastercard)
N
Authentication rejected
  • 07
  • 00 (Mastercard)
N

Split Authentication response table

Authentication status<eci>Eligible for liability shift?
Y
  • 05
  • 02 (Mastercard only)
Y
A
  • 06
  • 01 (Mastercard)
Y
U
  • 07
  • 00 (Mastercard)
N
N
  • 07
  • 00 (Mastercard)
N
R
  • 07
  • 00 (Mastercard)
N

Note: A shopper completing authentication is not a guarantee of liability shift. The card issuer can still downgrade the transaction.

Worldpay legacy MPI response table

ScenarioMPI ResponseIs the transaction eligible for liability shift?Result (ThreeDSecureResult)
3DSecureIssuer participatingFully authenticatedPARes = YYesCardholder authenticated
Attempted authenticationPARes= AYesAuthentication offered but not used
Authentication failedPARes = NNoAuthentication Failed
Authentication errorPARes = U, VERes = UYes

Ecommerce

Issuer not participatingVERes = NYesAuthentication offered but not used
Not 3DSecureNot applicableNoEcommerce

Warning: Exceptions to the rules may exist for certain schemes in certain territories under certain programs. These exceptions may also depend on your integration or services with Worldpay. If Worldpay is your acquirer, contact your Relationship Manager or Customer Support Manager. Otherwise, contact your acquirer.

Chargebacks and liability shift

For Visa, Maestro, Mastercard, JCB and American Express, card protection may be contingent upon you taking reasonable measures to control fraud. If your fraud levels are unreasonably high you may forfeit the benefits of chargeback protection.

Restrictions to our authentication service

These restrictions apply to Visa, Maestro, Mastercard, JCB and American Express:

Installation or Service typeReason
Corporate Gateway Call Centre (MOTO)The cardholder isn't able to enter their authentication details.
Recurring Payments (PayAsOrder)Except for the first transaction (or if a cardholder changes their card details and makes an immediate payment), the cardholder isn't present to enter their authentication details.
C - level, S - level or A - level serviceOn these service levels you're using your own acquirer, and so you may need to contact them to enable the service. Service levels are explained inthe payment process.