In October 2025, Visa is rolling out a major update to its chargeback rules: Compelling Evidence 3.0 (CEDP). This new standard is set to reshape how merchants defend against card-not-present fraud disputes by giving them a structured way to prove that a transaction was legitimate.
For merchants in ecommerce, phone orders, or mobile transactions—where in-person card swipes aren’t an option—these rules offer a new chance to reduce revenue loss from friendly fraud and unauthorized claims. But to benefit from the change, businesses must understand the requirements and prepare their systems ahead of time.
What Is Visa Compelling Evidence 3.0?
CEDP is Visa’s latest update to dispute handling for fraud-related chargebacks—specifically those labeled under reason code 10.4 (Other Fraud – Card Absent Environment). Historically, many merchants have struggled to win these cases, even when the customer had made previous, undisputed purchases.
Visa’s new standard gives merchants a stronger defense. If a business can show that the disputed transaction matches two previous, undisputed transactions from the same cardholder—using specific shared data points—Visa may reject the fraud claim. This shifts the liability away from the merchant, potentially saving hundreds or thousands of dollars in chargebacks.
Accepted data points include things like the customer's device ID, IP address, email, shipping address, login credentials, or phone number. At least two of these must match between the current transaction and two earlier ones that were not disputed.
To be valid, the previous transactions must have occurred more than 120 days before the disputed one, reinforcing the idea that the cardholder had a legitimate history with the business.
Why Visa Compelling Evidence 3.0 Matters for Merchants
Chargebacks, especially friendly fraud, continue to eat into merchant profits each year. When a customer claims they didn’t authorize a transaction, the burden of proof typically falls on the merchant. And without strong evidence, the case is often lost.
CEDP allows businesses to use customer behavior data they’re already collecting to push back against these losses. When implemented correctly, this new framework reduces the risk of chargebacks being decided unfairly, especially for businesses that maintain consistent transaction records.
But it also raises the bar for data organization and security. Businesses must not only collect relevant customer information—they must store it in a way that’s accessible, consistent, and compliant with data protection rules.
Preparing for the October 2025 Deadline
To meet Visa’s new standard, merchants need to act before CEDP goes live. The first step is evaluating how well their systems collect and organize customer data. If your ecommerce platform or POS system doesn’t retain key data points—such as device or login information—you may not be able to take advantage of CEDP protections.
Equally important is the ability to retrieve that information quickly. When a chargeback is filed, you’ll need to identify the matching data from previous transactions and submit it within Visa’s dispute timelines. If that information is scattered across systems or difficult to access, the opportunity may be lost.
It’s also wise to coordinate with your payment gateway provider to confirm that their platform supports the CEDP framework. Not all gateways are equally equipped to surface the needed metadata or pass it through to Visa’s dispute resolution process. Some may require configuration updates or new reporting tools to support the change.
Training your team is another key element of preparation. Staff who handle disputes should understand what qualifies as compelling evidence, how to retrieve historical transactions, and when the CEDP rules apply. This includes knowing how to recognize reason code 10.4 and respond appropriately.
Avoiding Common Pitfalls
Even businesses that collect data consistently may run into issues if they rely on outdated systems. Legacy POS software often lacks the ability to track or store metadata like IP addresses or user login history. In some cases, the data may exist but can’t be tied back to specific transactions, making it unusable for dispute defense.
Inconsistencies between online and in-person systems can also create gaps. If a customer’s phone order and ecommerce order go through different platforms that don’t share data, it may be difficult to find qualifying matches, even if the customer has purchased multiple times.
Another risk is storing customer data in ways that violate PCI DSS or data privacy rules. As merchants prepare to store more metadata, they must ensure that their security measures are up to date and that sensitive information is encrypted or tokenized as needed.
The Role of Technology in Compliance
The success of your CEDP readiness plan will likely come down to your technology stack. Modern POS and gateway platforms make it easier to collect transaction metadata automatically, store it securely, and report on it quickly.
For example, a cloud-based POS system can capture device or login data and tie it directly to the payment record. A smart gateway can then retrieve that information during a chargeback and format it for Visa’s requirements. Together, these systems reduce the need for manual tracking or guesswork—and increase the odds of winning disputes.
If your current setup doesn’t support this level of data transparency, now is the time to explore updates or integrations. The October deadline will arrive quickly, and retrofitting compliance after the fact is rarely efficient or effective.
Get Ahead of CEDP, Gain More Control
Visa’s Compelling Evidence 3.0 update marks a shift toward greater fairness in chargeback handling—but only for businesses that are ready. Merchants who capture and organize their customer data can use this framework to defend against friendly fraud, preserve revenue, and improve relationships with issuers.
At Tidal Commerce, we’ve built our payment systems to make compliance easier. Our API-driven gateway helps merchants collect and submit the data needed for CEDP compliance, while our reporting tools and dispute support give business owners confidence throughout the process. Whether you run an ecommerce store or manage transactions across multiple locations, we’re here to help you prepare for the changes ahead.
To learn more about how we support merchants with chargeback transparency and data readiness, visit Tidal Commerce.
