Credit Card Processing Blog

We’ve been getting quite a few questions about Code 10 calls. Regular readers of this blog have seen the term referred to in a number of articles and want to know what it means. Additionally, non-readers who’ve been inquiring about our credit card processing services have occasionally asked us about it, after hearing the term elsewhere.

So in this article I will explain what a Code 10 call is, when you should make it and how.

What is Code 10?

Code 10 is a voice authorization request during a card-present transaction that alerts the card issuer to a suspicious activity, without alerting the customer. Whenever a merchant doubts the validity of the card or the legitimacy of the cardholder, he or she should make a Code 10 call to the processor’s voice authorization center.

The processor will then route the call to the card issuer. An operator will pick it up and ask a series of “yes” and “no” questions to determine the validity of the transaction. Once a conclusion is reached, the merchant will be given instructions on how to proceed.

When to Make a Code 10 Call?

There are multiple reasons to make a Code 10 authorization request, including:

• After the card is swiped, the point-of-sale (POS) terminal displays a “Lost or Stolen Card,” “Pick Up Card” or a similar kind of message.
• During the inspection of the card the merchant discovers that its security features have been altered or tampered with in some way.
• The signature on the transaction receipt does not match the one on the back of the card.
• The customer behaves in a suspicious or unusual manner. You should be careful with jumping to conclusions on this count, as there may be a perfectly legitimate explanation for your customer’s behavior.

How to Make a Code 10 Call?

The making of a Code 10 call is a fairly straightforward process. Whenever you have to do it, keep the card in your possession and follow these simple steps:

• Call your processor’s voice authorization center and say to the operator who picks it up “I have a Code 10 authorization request.”
• You may be asked some additional questions and then will be transferred to the card issuer.
• The issuer’s operator will ask you a series of “yes” and “no” questions. Answer calmly, in your normal voice.
• Follow the operator’s instructions.

If the instruction is to pick up the card, you should only attempt it if it is safe to do so. If not, complete the transaction, wait for the customer to leave the store and alert your processor. Even though it would be too late at this point to prevent a fraudulent transaction from taking place, you would help prevent one from occurring in the future, possibly again at your store. Additionally, you may need to alert the police.

Learn how to lower your card acceptance cost

Learn how to accept credit and debit cards at the lowest processing costs. The Payment Card Acceptance kit contains a video and an e-book:

• Video – Card Acceptance Best Practices for Lowest Processing Costs (18 min).
• E-Book – Payment Card Acceptance Guide (19 pages).

Credit card fraud is much easier to identify when payments are accepted face-to-face than it is in internet-based transactions. However, store-front merchants can only realize their advantage if they can identify suspicious transaction characteristics and know how to handle such situations.

Card-present fraud reasons. There are two main reasons for a merchant to suspect fraud in a card-present setting:

• The card is altered or counterfeit. Altered are cards on which the name, expiration date, account number, and / or the magnetic stripe have been changed in some way. Counterfeit are invalid cards that are fraudulently manufactured and bear a valid account number.
• The customer is not the authorized cardholder. The customer’s signature on the sales receipt must match the one on the back of the card. Otherwise, your customer is probably not the authorized user. You should ask for a driver’s license or another government-issued ID to verify your customer’s identity.

Code 10 call. If either the card or the customer makes you suspicious at any time during a transaction, you need to contact your authorization center and make a Code 10 call. Code 10 is an authorization request that alerts the card issuer to the suspicious activity – without alerting your customer. During the call you will be transferred to the card issuer’s special operator who will provide instructions on any necessary action.

When making a Code 10 transaction authorization request it is important that you remain calm, so that your customer does not get suspicious, and follow these simple steps:

• Keep the card in your possession.
• State to the representative who picks up the call “I have a Code 10 authorization request.”
• Answer the operator’s questions with a simple “yes” and “no.”
• Follow the card issuer representative’s instructions.
• If the operator asks you to retain the card, you should only do it if is safe to do so. If it is necessary to call the police, the operator will do it for you.

Unsigned cards. Industry regulations require that all cards are signed, before they can be accepted for payment. If you are presented with an unsigned card, you should do the following:

• Obtain transaction authorization the way you normally would.
• Ask your customer to provide an ID and confirm his or her identification.
• Ask that your customer signs the back of the card. If he or she refuses, do not complete the transaction.

Some consumers are lead to believe that writing “Ask for Photo ID” or something to that effect in the signature panel, instead of actually signing the card, reduces the risk of fraud. However, as far as your processing bank is concerned, or the card issuer for that matter, the card is unsigned and you should follow the procedures listed above.

Accept card payments quickly and safely

Accept credit and debit card payments at the lowest processing costs. You will get:

• Free merchant account set-up.
• No fixed monthly fees.
• 24 / 7 customer support.

Customers who attempt to fraudulently use a credit card at the checkout are often betrayed by specific signs of suspicious behavior. Such signs may have a perfectly reasonable explanation that has nothing to do with an unauthorized credit card use, however statistical data show that they are associated with a higher rate of fraud. You should be able to identify such signs and then act according to your organization’s established fraud prevention procedures. We have written at length in previous posts about the way these procedures should be designed and recommend that you review our suggestions.

Following is a list of five suspicious signs at the point of sale that you should look out for:

• Purchasing large quantities of merchandise without much attention to details. This is a very strong fraud indicator! If a customer is purchasing a sizable amount of merchandise, without much care for size, color, or even price, he or she is probably interested much more in its resale value than its utility.
• Rushing the cashier into a quicker processing of the payment. Although your customer may really be in a hurry, such behavior may also be intended to force you to circumvent standard fraud prevention procedures. While you would not want to delay a legitimate customer any longer than necessary, you should never forgo regular card acceptance procedures, as this is exactly what the criminal’s goal would be. Explain to your customer that you appreciate the fact that they are short on time, but you are responsible for ensuring that all payments are legitimate and cardholders’ interests are protected.
• Making multiple purchases within a short period of time. If a customer completes a purchase, leaves the store and then comes right back in, he or she may be doing it because they believe that making multiple fraudulent transactions for smaller amounts is less suspicious than making a single large-amount purchase.
• Shopping either right after the store opens or before it closes. A fraudster may be shopping early in the morning or late in the evening, in the hope that the merchant will not be as attentive as during other stretches of the day.
• Ignoring free delivery options (where applicable). If your customer asks no questions or completely ignores a free delivery option, in favor of a quicker but paid one, this could be a warning sign.

Now, it should be reiterated that, although suspicious, a certain behavior might be perfectly well justified and explained in another, completely legitimate way. By themselves, none of the above characteristics constitutes a proof of a fraudulent activity. You should always use your observations of customer behavior in the context of the particular setting. Different businesses attract different types of customers and what is considered a normal customer behavior at one place might be interpreted as completely irregular at another.

Once you have accumulated enough evidence to conclude that a fraudulent activity may be taking place, you should contact your processor’s voice authorization center and make a Code 10 call. You should keep the card in your possession during the call and follow the instructions you are given. If the instruction is to retain the card, you should only do it if it is safe to do so and then ask your customer for an alternative form of payment. If you feel threatened or uncomfortable, complete the transaction and make the call right after the customer leaves.

Learn how to lower your card acceptance cost

Learn how to accept credit and debit cards at the lowest processing costs. The Payment Card Acceptance kit contains a video and an e-book:

• Video – Card Acceptance Best Practices for Lowest Processing Costs (18 min).
• E-Book – Payment Card Acceptance Guide (19 pages).

Both Visa and MasterCard use special reason codes to designate chargebacks that result from processing counterfeit credit card transactions. Visa uses Reason Code 62 and its MasterCard equivalent is Reason Code 4862.

What causes these chargebacks? Chargeback Reason Codes 62 and 4862 are issued when a merchant fails to compare the first four digits of the embossed account number on the card with the pre-printed digits below the embossed number for a card-present transaction or receives an authorization without the transmission of the entire magnetic stripe. In particular, one of the following events occurs:

• The card issuer receives a written complaint from the cardholder stating that he or she was in possession of the card on the date of the transaction and that he or she did not authorize or participate in the transaction.
• The transaction is subsequently determined to be the result of counterfeit magnetic stripe fraud, and the entire unaltered contents of the magnetic stripe was not transmitted and not approved by the issuer.

How to handle chargebacks resulting from counterfeit transactions? Issuers can charge back transactions using Reason Codes 62 and 4862 within 120 days of the sales date. Your response will depend on the particular transaction circumstances and the actions you have taken (or not) so far:

• If both the card and the transaction were valid, a possible remedy would be to provide your processor a copy of the printed sales receipt.
• If the charged back transaction was counterfeit, there is no remedy and you should accept the chargeback. Do not process a credit at this time, as the chargeback has already performed this function.
• If you have issued a credit for the transaction at issue, provide your processing bank with evidence of the credit. At the very least, inform your processor when the credit was issued and for what amount, so that they can locate the transaction in their system.

How to prevent chargeback Reason Codes 62 and 4862? You can significantly minimize these chargebacks, and perhaps eliminate them completely, by following a set of card acceptance best practices at the point of sale:

• Check the card security features. A possible remedy for Codes 62 and 4862 chargebacks is to check all card security features before completing the transaction (something you should be doing anyway). In particular, the first four digits of the embossed account number on the card should match the printed four-digit number below the embossed number. If there is no match, you should make a Code 10 call (see below). There may be other signs of tampering with the card, such as embossed numbers that are blurry or uneven, or ghost images underneath the embossed numbers, indicating they have been changed.
• Key-entered transactions. There is a possible remedy for key-entered transactions at the point of sale too. If the magnetic stripe cannot be read, get an imprint of the front of the card on the sales receipt and have the cardholder sign it.
• Code 10 calls. If either the card or cardholder looks suspicious to you, make a Code 10 call. Code 10 is a form of a voice authorization request that alerts the card issuer to a suspicious activity – without alerting the customer. The card issuer’s representative asks the merchant a series of “yes” and “no” questions to determine whether or not the transaction at issue is fraudulent and gives instructions on how to proceed. All of your point-of-sale personnel should be well trained on how to make a Code 10 call and how to communicate to the customer a decision to recover the card, if that is the instruction of the card issuer’s representative. Remember that a card should only be retained if it is safe to do so and you should never confront or try to apprehend your customer.

As with most chargebacks occurring in a card-present setting, the key to preventing Reason Codes 62 and 4862 is developing sound card acceptance procedures and training your point-of-sale staff on implementing them on a consistent basis. There is certainly no shortage of industry guides and manuals to help you develop these best practices and we have discussed them at great length in this blog as well.

If there is something that you would like to add, share your ideas or experience in the comments.

Learn how to minimize chargebacks and fraud

Learn how to minimize chargebacks and reduce your processing costs. The Chargeback Management kit contains a video and an e-book:

• E-Book – Chargeback Manual (40 pages).
• Video – Card Acceptance Best Practices for Lowest Processing Costs (18 min).

Merchants are required under Visa and MasterCard regulations to ensure to their best abilities that credit and debit cards used for payment at their stores are valid and used by their legitimate cardholders. Under certain circumstances and if there is sufficient evidence to believe that a payment card is being used fraudulently or if its security features look as if they have been altered, merchants are required to recover the card from a customer at the point of sale, but only if it is safe to do so. Any of the following examples would provide a sufficient reason for recovering a payment card:

• The card’s security features are missing or altered. If the 3- or 4-digit card security code (CVV2, CVC 2 or CID) is missing or has been tampered with, or if the hologram does not appear right, or if the “Good Through” date is altered, that should raise your suspicion.
• The card number on the sales receipt does not match the account number on the card. If the account number that your terminal has read from the magnetic stripe and printed on the sales receipt does not match the one on the front of the card, this should immediately raise a red flag.
• The merchant receives a pick-up response. If, during a Code 10 call with the card issuer, you have been instructed to pick up the card, you should follow the instructions.

Once you have accumulated enough information to justify a decision to recover a card, or after you have been instructed to do so during a Code 10 call, you should follow these procedures:

• Only attempt a card recovery if you can do so safely. You should never take unnecessary risks. If the customer acts in a threatening way, you should complete the transaction and alert your payment processor after the customer leaves your store.
• Once you have established that it is safe to recover a card, tell your customer that you have been instructed to keep the card, and that he or she may call the card issuer for additional information.
• Remain calm and courteous throughout the recovery procedure. If the cardholder behaves in a threatening manner, return the card immediately and complete the transaction.
• Once you have recovered the card, contact your processor for further instructions.
• Cut the recovered card in half lengthwise, but be careful not to damage the hologram, the embossed account number, or the magnetic stripe.
• Send the recovered card’s pieces to your processor.

Card issuers offer cash rewards to merchants for recovering altered and counterfeit cards or for information that can lead to the arrest and conviction of any person involved in a counterfeit operation. Contact your processor for additional details.

For cards that are found at your store or have been inadvertently left by customers and have remained unclaimed, you should follow the above procedures for contacting your processor and sending in the card.

Accept card payments quickly and safely

Accept credit and debit card payments at the lowest processing costs. You will get:

• Free merchant account set-up.
• No fixed monthly fees.
• 24 / 7 customer support.