Liability Shift

Liability shift refers to the change in who bears the cost of a fraudulent transaction depending on the technology used at the point of sale or checkout. Since the EMV chip migration (US effective October 2015; UK earlier), card networks apply a rule: if a merchant accepts a chip card via a magnetic-stripe swipe — rather than the chip — and that transaction is later disputed as fraudulent, the liability for the chargeback falls on the merchant's bank, not the card issuer.

For card-not-present (online) transactions, the equivalent mechanism is 3-D Secure (3DS) authentication. When a merchant implements 3DS (Verified by Visa, Mastercard SecureCode), and the cardholder completes authentication, liability for fraudulent transactions shifts to the issuer. If the merchant does not implement 3DS and fraud occurs, the merchant typically bears the cost.

For consumers, liability shift is largely invisible but important: it creates commercial incentives that push merchants toward stronger authentication, which reduces fraud. Consumers should be aware that this mechanism does not replace their own dispute rights — if a merchant's weak authentication leads to fraud on their account, the consumer's chargeback rights under the FCBA or Reg E remain intact.