| Tabla de Contenido |
|
|
Kushki provides you with a daily report of the transactions at your business that have been reported as fraudulent by the VISA and MASTERCARD networks. Learn how this report works, how to request access, and how to interpret the information it contains.
β οΈ Important: This report is only available for transactions processed with VISA and MASTERCARD cards for acquiring clients.
β This report is not available for domestic transactions in Mexico (PROSA). π²π½
π Before requesting access, please note:
- You must be an acquiring client at Kushki.
- Your business must have at least one fraudulent transaction recorded in its history. Without this requirement, no folder will be created on the access server and the request will be denied.
- Have the email address ready to which you want to receive your access credentials.
How does the report work?
Through the TC40 report from VISA and the TLL8 report from MASTERCARD βgenerated on a daily basisβ, both networks provide Kushki with information on all transactions reported as fraudulent at your business. With this information, Kushki generates a daily CSV file available on a secure SFTP server. The name of each file corresponds to the date it was generated.
The file consolidates the day's fraud chargebacks from both networks. If your business has more than one branch, the chargebacks for all of them will appear in the same file.
βΉοΈ Please note: The file is only generated on days when fraud chargebacks are recorded. If no such transactions occur on a given day, no file will be added to your folder.
How to request access to the report
- Contact your Kushki Presales Engineer and let them know you want access to the Fraud Chargeback Report.
- Provide your email address to the Presales Engineer. This is the address where your access credentials will be sent.
- Check your inbox. Once the request is processed, you will receive an email with:
- The SFTP server link where your files are hosted.
- An access key file that you will need to use to authenticate on the SFTP.
- Access the SFTP using the link and key received. You will find a folder assigned to your business where the daily CSV files will be deposited.
βΉοΈ Note: Credentials do not expire, so you can use them at any time to access both historical and newly generated files.
How to filter information by branch
If your business has more than one branch and you want to view chargebacks for only one of them, download the CSV file and apply a filter in your spreadsheet or database manager using the following fields:
- merchant_information_id: Unique identifier of the business.
- merchant_name: Name of the business.
- branch_id: Unique identifier of the branch. Filter by this field to isolate records for a specific branch.
- branch_name: Name of the branch. Use it as an alternative or complement to the previous filter.
Keep in mind that only branches that had at least one fraudulent chargeback on that day will appear.
CSV file structure
Each file downloaded from the SFTP has the following columns:
| Field | Description |
|---|---|
source_file | Report from which the transaction is recorded: TC40 (VISA) or TLL8 (MASTERCARD). |
merchant_information_id | Business identifier number. |
merchant_name | Business name. |
branch_id | Branch identifier number. |
branch_name | Branch name. |
generated_at | Date the report was generated. |
transaction_time | Transaction date. |
transaction_id | Local transaction identification number. |
transaction_arn | ARN (Acquirer Reference Number) of the transaction. |
brand | Card network: VISA or MASTERCARD. |
account_number | Account number from which the transaction was made (displayed in obfuscated form). |
authorization_code | Transaction authorization code. |
total_amount | Total transaction amount. |
reference_number | Transaction reference number. |
fraud_type | Fraud type identifier. Values vary by network (see tables below). |
fraud_type_classification | Additional fraud type classification. Applies to VISA only. |
secondary_fraud_type_code | Secondary fraud type code. Applies to MASTERCARD only. |
Values for the fraud_type field β VISA
| Value | Definition |
|---|---|
| Fraud Type 0 β Lost | The cardholder does not have the card and does not know what happened to it. |
| Fraud Type 1 β Stolen | The cardholder does not have the card and has an explanation of how it was lost (e.g., wallet was stolen). |
| Fraud Type 2 β NRI | Not received as issued: the card was sent but the cardholder never received it. |
| Fraud Type 3 β Fraud Application | The account was opened using partially false cardholder information. |
| Fraud Type 4 β Counterfeit | The cardholder has the card, but card-present transactions occurred that were not made by them. |
| Fraud Type 5 β Miscellaneous | Fraud that cannot be categorized elsewhere: e.g., multiple draft imprints obtained unlawfully from a legitimate card or unauthorized alterations to a sales draft. |
| Fraud Type 6 β Fraudulent Use of Account Number | Fraudulent use of the account number without physical possession of the card. |
| Fraud Type 9 | Counterfeit reported by the acquirer: the transaction has an unissued or invalid BIN. |
| Fraud Type A β Incorrect Processing | The fraudulent transaction was possibly due to incorrect processing (e.g., failure to validate an EMV cryptogram or CVV). |
| Fraud Type B β Account or Credential Takeover | Fraud resulting from the takeover of a legitimate customer's account or credentials (e.g., fraudulent use of a digital wallet). |
| Fraud Type C β Merchant Misrepresentation | Fraud resulting from a merchant deliberately misleading the cardholder (e.g., overcharging or selling items that do not match what was offered). |
| Fraud Type D β Manipulation of Account Holder | Fraud resulting from the manipulation of a cardholder into completing what they believe is a legitimate transaction (e.g., vendor impersonation to redirect a payment). |
Values for the fraud_type field β MASTERCARD
| Value | Definition |
|---|---|
| 00 | Lost card fraud: a fraudulent transaction made using a lost card, without the cardholder's authorization. |
| 01 | Stolen card fraud: a fraudulent transaction made using a stolen card, without the cardholder's authorization. |
| 02 | Never received issue: interception and use of a card before it was received or authorized by the cardholder. |
| 03 | Fraudulent application: a fraudulent transaction using a card obtained with a false name or other false identification information. |
| 04 | Counterfeit card fraud: use of counterfeit, altered, or illegally reproduced cards, including magnetic stripe modification. |
| 05 | Account takeover fraud: unauthorized access to an existing account through a change of address or card reissuance request (does not include lost or stolen cards). |
| 06 | Card-not-present fraud: a fraudulent transaction using account information (via phone, mail, internet, or other electronic means) without the physical card. |
| 51 | Illicit merchant: a cardholder participating in transactions with an illicit merchant as defined by Mastercard's Questionable Merchant Audit Program. |
| 55 | Payment order modification: an unauthorized payment transaction resulting from the loss, theft, or misappropriation of payment data or instruments. |
| 56 | Cardholder manipulation: the fraudster manipulates the payer into transferring funds in good faith to a fraudulent account. |
Values for the fraud_type_classification field (VISA only)
| Value | Description |
|---|---|
| 01 β Purchase scam | The victim pays in advance for goods or services they never receive, usually through an online platform. |
| 02 β Investment scam | A criminal convinces the victim to transfer money to a fictitious fund or a fake investment. |
| 03 β Romance scam | The victim is persuaded to make payments to someone they met on social media or dating sites. |
| 04 β Advance fee scam | The criminal convinces the victim to pay a fee that supposedly results in the release of a much larger payment or high-value goods. |
| 05 β Invoice or mandate scam | The victim tries to pay a legitimate beneficiary, but the criminal redirect the payment to their own account. |
| 06 β CEO fraud scam | The fraudster impersonates a senior executive of the victim's organization to request an urgent payment. |
| 07 β Impersonation scam | The fraudster impersonates a trusted entity (e.g., a bank, police, or service provider) to persuade the cardholder to transfer funds. |
Values for the secondary_fraud_type_code field (MASTERCARD only)
| Value | Description |
|---|---|
| K | Convenience check or balance transfer transaction. |
| N | PIN not used in the transaction. |
| P | PIN used in the transaction. |
| U | Unknown. |
Frequently asked questions and troubleshooting
- Why is there no file in my SFTP folder?
The CSV file is only generated on days when your business records fraud chargebacks. If no such transactions are reported on a given day, no file will be created. You can check back on subsequent days for new activity. - My access request was denied. What should I do?
For your folder to be created on the SFTP, your business must have at least one fraudulent transaction recorded in its history. If you do not yet meet this requirement, access cannot be enabled. Contact your Presales Engineer to confirm the status of your history and when you will be able to request access again. - I did not receive the email with my credentials. What should I do?
Check your spam or junk mail folder. If after a few business days you still cannot find it, contact your Presales Engineer to follow up on the request and confirm the correct email address to which the credentials should be sent.