Compelling Evidence 3.0: How a Returning Customer Helps You Win Fraud Chargebacks

Compelling Evidence 3.0 lets merchants fight Visa fraud chargebacks with proof the cardholder shopped with you before. Here's how the rule works and when it wins.

The dispute that feels impossible to win

There is a particular kind of chargeback that makes merchants want to give up before they start. The reason code says fraud. The customer told their bank they never authorized the charge, never recognized the merchant, never made the purchase at all. And yet you can see them in your records — same email, same login, same address they've shipped to four times this year. The charge is as real as any sale you've ever made.

Fighting that used to feel like shouting into a void. You'd assemble a receipt, an IP log, maybe a screenshot of the account, and send it off knowing the issuer had already decided. Fraud claims carry a presumption, and the presumption is not in your favor.

In April 2023, Visa changed the rules in a way most merchants still haven't fully absorbed. The change is called Compelling Evidence 3.0, and it exists for exactly this situation: a real customer with a real history disputing a real charge as fraud.

What Compelling Evidence 3.0 actually is

Compelling Evidence 3.0 — usually shortened to CE3.0 — is a Visa dispute rule that applies to one specific category: reason code 10.4, Other Fraud – Card-Absent Environment. That's the bucket for online and over-the-phone purchases the cardholder claims they didn't make.

The idea behind it is almost embarrassingly intuitive. If a person has bought from you repeatedly, using the same identifiers, and never disputed those earlier purchases, then a sudden "I never authorized this" claim deserves scrutiny. CE3.0 gives you a structured way to put that history in front of the issuing bank — and, when it qualifies, it shifts liability back to the issuer before the dispute can even proceed.

The mechanism is what makes it powerful. This isn't a persuasive essay the bank weighs at its discretion. When your evidence meets the criteria, the issuer is supposed to be blocked from filing the chargeback in the first place, or to lose it on representment. It moves the question from do they believe you to do the data points line up.

The criteria, in plain terms

To qualify under CE3.0, you generally need to show two or more prior transactions by the same cardholder that were never disputed. Those prior transactions have to sit in a specific window — older than 120 days but within the last 365 days relative to the disputed charge. The logic there is deliberate: a purchase from last week proves little, but a steady relationship over months is hard to wave away as fraud.

Then comes the linking. Each qualifying prior transaction has to connect to the disputed one through shared identifiers — at least two of a short list that includes things like the same device fingerprint, the same IP address, the same account login or customer ID, and the same shipping address. The connective tissue matters more than any single document. One receipt says a sale happened. A pattern of the same device, logging into the same account, shipping to the same home, across months of undisputed orders, says something a fraud claim struggles to survive.

Notice what's doing the work here. It isn't the disputed transaction at all. It's everything around it — the history you already have but rarely think to present.

Why this rewards the records you already keep

The quiet lesson of CE3.0 is that winnable fraud disputes are built long before the dispute arrives. The evidence isn't something you generate in a panic after the email lands; it's something your systems either captured or didn't.

Did you log the device or IP on each order, or only the last one? Do you store a stable customer ID that ties guest checkouts back to the same human? Can you pull a clean list of a cardholder's prior orders and see which ones were never disputed? Merchants who can answer those questions walk into a 10.4 dispute with a real case. Merchants who can't are stuck with a single receipt and a presumption working against them.

This is also why fraud chargebacks are so often lost by default — not because the merchant was wrong, but because the proof of being right was scattered across systems that never talked to each other. CE3.0 doesn't reward the best writer. It rewards the best record-keeper.

Where the rule stops

It's worth being honest about the edges, because CE3.0 is narrow on purpose. It applies to Visa, and to card-absent fraud disputes specifically — not to "product not received," not to "not as described," not to cancelled-subscription complaints. Those are different reason codes with different evidence entirely, and trying to bolt a transaction-history argument onto them just wastes the deadline.

It also won't save you from actual fraud. If the card really was stolen and used once on your store, there is no history of undisputed prior purchases to point to, and there shouldn't be. The rule is a scalpel for the specific case where a legitimate, returning customer has filed a fraud claim — sometimes by mistake, sometimes as a shortcut to a refund they could have just asked for. That last pattern has a name, first-party misuse, and it's exactly the gap CE3.0 was written to close.

The other networks handle this differently. Mastercard and the rest each have their own fraud-dispute frameworks, and the qualifying details don't map cleanly onto Visa's. CE3.0 is the most codified version of the idea, which is part of why it's the one worth learning first.

The deadline that decides everything

There's a cruel detail underneath all of this. The strongest CE3.0 case in the world is worthless if it arrives late. Card-absent fraud disputes run on a tight representment clock — on Stripe, you're typically looking at a window measured in days, not weeks — and the evidence has to be formatted, packaged, and submitted before it closes.

That's the real failure mode. Not weak evidence. Not the wrong argument. Just a busy week, a dashboard notification that scrolled past, and a deadline that passed while you were running the actual business. The history that would have won the dispute was sitting in your database the whole time.

Where Argeback fits

This is the seam Argeback is built for. It ingests your Stripe disputes the moment they land, recognizes when a fraud chargeback is the kind that qualifies for a transaction-history defense, pulls the prior undisputed orders and the identifiers that link them, and assembles an evidence-backed response — then files it before the deadline, from your phone. The record-keeping that CE3.0 rewards stops being something you hope you did and becomes something the tool does for you.

If you've ever lost a fraud dispute to a customer you recognized, it's worth seeing what your own history could have argued on your behalf. You can take a look at Argeback and let it watch the clock so you don't have to.