How Do Banks Investigate Unauthorized Transactions?

How Do Banks Investigate Unauthorized Transactions?

One of your customers finds out they have an unauthorized transaction on their credit card. 

Their first reaction: Shock. After all, most consumers don’t think it will happen to them. From there, the customer will almost certainly call their bank to report the fraudulent charges. This is what initiates the complex process that can, and often does, lead to a chargeback.

But where do you, the ecommerce merchant, fit into this process?

Ecommerce merchants don’t always recognize their role in investigating unauthorized transactions and the impact they can have. But the more you know about the process, the better equipped you will be to protect your customers – and your company – from fraud.

What Merchants Need to Know About Investigating Unauthorized Transactions

1. How fraud impacts small and enterprise-level businesses
2. How banks investigate unauthorized transactions
3. Who is liable for credit card fraud
4. The connection between fraud prevention and customer service
5. The best defense against unauthorized transactions is fraud protection

Investigating unauthorized transactions is predicated by detecting fraud in the first place – which isn’t always obvious. Savvy fraudsters often start by using stolen card information only for small transactions that are more likely to fly under the radar. Smaller transactions let criminals test if the card information is valid. Some fraudsters will hack a card number with ongoing small transactions (like easily re-sold gift cards, for example) for years, going completely undetected if the cardholder doesn’t closely check their records.


1. How Fraud Impacts Small and Enterprise-level Businesses

No matter the size of your business, you share one thing in common with other merchants: You have customers who want excellent service.

However, being hit by fraud can sour even the most delightful customer experience: In our recent Consumer Behavior Analysis, we revealed that almost 20% of consumers would not revisit a retailer after having had a fraud experience with them.

In addition to how fraud impacts your customers, there’s also the question of how it impacts your company - which can vary depending on the size of your business.

Ecommerce Fraud Can Hit Small Business Merchants Hard

Small businesses tend to process fewer transactions, so every one of them is crucial for revenue. When a fraudster finds a weakness in a small business’ ecommerce site, not only can it negatively impact the merchant’s reputation (once consumers recognize the site isn’t safe), the subsequent chargeback fees can eat away at their bottom line quickly.

Enterprise Ecommerce Merchants Can Be Training Grounds For Fraudsters

Enterprise ecommerce merchants may not be as dependent on each individual transaction for revenue since they process countless numbers of them every week. But that doesn’t make them immune to fraud and its impacts. The fact that so many transactions are processed by enterprise merchants gives fraudsters an opportunity to potentially test out new tactics under the radar, unless the merchant has a solid fraud prevention and protection strategy in place.

2. How Banks Investigate Unauthorized Transactions

Once a customer reports a disputed charge, a fraud investigation is opened. The steps are fairly straightforward:

Due Diligence

The customer will need to provide details pertaining to the unauthorized charge, including any supporting documentation that proves the purchase was indeed fraudulent. In situations that involve identity fraud, an account takeover, or on-going fraud, that can mean a frustrating level of paperwork and legwork.


When the bank receives all the required documentation, they will have between 30 and 90 days to evaluate the case, formulate a response and resolve the issue. Depending upon the nature and scope of the fraud, the bank may decide to notify law enforcement. If the credit card fraud is accompanied by identity theft, the FBI may also be brought in to further investigate.

In most cases, however, the matter will be handled by internal credit fraud investigators who are experienced in combing through electronic transaction trails to determine where fraudulent purchases originated.

If, for example, the investigator can determine that the fraudulent purchase was made from an IP address in Australia, but the consumer has proof of being in Boise, Idaho at the time, that is strong evidence that the charge was indeed fraudulent.


Related Reading: Fraud Risk Management as a Matter of Uncertainty


The bank will advise the consumer to contact the three major credit reporting agencies (Equifax, Experian, and TransUnion) and ask for a fraud alert to be placed on file. This will ensure that any attempts to open new credit accounts are declined unless the creditor speaks with the consumer directly and takes extra steps to verify their identity.

The question of who is liable for the fraudulent purchase depends on timing and type of credit card.

3. Who Is Liable for Credit Card Fraud

In many cases, the consumer will not be on the hook for much. The Federal Fair Credit Billing Act protects consumers, stating that a card issuer can only hold a cardholder liable for up to $50 in fraudulent charges if the physical card is lost or stolen. If the card number is used but the cardholder is still in possession of the actual card, their liability is $0.

The bank will require the merchant to refund payment and the bank will subsequently charge a fee or chargeback to the merchant.

It’s important to note that the rules are different for debit cards. The Electronic Fund Transfer Act states that if fraud is reported within two days of the statement date, consumer liability is limited to $50. If the fraud is reported after two days but within 60 days, their liability is limited to $500. After 60 days the consumer is responsible for any and all fraudulent transactions.

How merchants handle their end of investigating unauthorized transactions can have a significant impact on how they are perceived by customers.

4. The Connection Between Fraud Prevention and Customer Service

In our recent Consumer Behavior Analysis, we reported that consumers look for legitimate ecommerce websites they can trust — and they rank security higher than value.

In fact, in every age demographic surveyed, more than 87% of consumers said they were more likely to purchase from an ecommerce store that had fraud protection. Further, while 42% of consumers surveyed have been victims of online fraud, 78% said they feel as safe or safer shopping online than in stores. Consumes are clearly relying on merchants to protect them from online fraud.

87% of consumers said they were more likely to purchase

It’s important to note that merchants are notified when a customer is disputing a transaction, so how you communicate with those customers as they are trying to resolve the issue can make a huge difference in how they view your business. Why? Because not much will make a customer angrier than being falsely accused. In our Consumer Research Analysis, 37% of respondents said they would flat-out boycott a merchant who declined their payment, while 33% would take their displeasure to social media.

It’s not much of a leap to assume that a customer with a legitimate dispute who’s treated like a fraudster will become a very unhappy - and potentially very vocal - former customer.

The best way to prevent all these headaches in the first place? A smart fraud protection strategy.

5. The Best Defense Against Unauthorized Transactions Is Ecommerce Fraud Protection

Protecting consumers from credit card fraud requires an all hands on deck approach, with merchants, banks, credit card companies, credit reporting agencies, law enforcement, and consumers having an important role to play.

Merchants should understand that their customers see fraud prevention as a merchant responsibility and accordingly, implement robust fraud prevention and protection solutions. These include a combination of machine-learning technology and subsequent manual review.

Using this approach, merchants will know that their businesses are being protected and consumers will be alerted regarding any fraudulent credit card use long before a statement arrives in their inbox. This allows them to trigger the investigation process sooner, helping keep fraudsters from succeeding.

ClearSale has the largest manual review team in the world, with more than 1,000 fraud analysts on duty 24/7/365 – guaranteeing timely decisions and the flexibility to handle even your toughest sales peaks.
And because our teams and review processes are customized to fit your business and your industry, you get higher approval rates and revenue numbers. Contact us today to find out why companies around the world trust the ClearSale solution.

Nova call to action

You may also like

Want to write
for our blog?

Please review our writers' guidelines
and then email with your pitch!

Subscribe to our blog