Understanding American Express Chargeback Reason Code F24: No Cardmember Authorisation
American Express Reason Code F24 signals that the cardholder says they did not authorise a specific transaction. It often stems from account takeover or other forms of actual fraud, but it can also arise from friendly fraud. Merchants can fight F24 disputes with timely, targeted evidence.
Key Takeaways
- What it means: The cardholder denies giving authorisation for the transaction.
- Causes: Account takeover. Stolen credentials. Lost/stolen cards. Friendly fraud.
- How to respond: Submit proof of authorisation, delivery, authentication, or a prior refund.
- How to prevent: Strengthen account security. Adopt fraud prevention tools. Use clear descriptors.
What is an American Express Reason Code F24 Chargeback?
In simple terms, the cardholder informs their issuer that, even if they have made a purchase from the merchant before, they did not approve this particular charge. It is a claim that someone other than the legitimate cardholder completed the purchase.
F24 is commonly encountered in card-not-present transactions, such as e-commerce or app-based checkout. When authorisation is confirmed digitally rather than with a chip and PIN, merchants are at greater risk. It can also appear after a lost or stolen card is used in-store without proper verification. Crucially, F24 can be a mix of true fraud and friendly fraud. Some cardholders file a dispute to avoid paying for a purchase they recognise but now regret. Others are genuine victims of account takeover or stolen card details.
Primary Causes for a Code F24 Chargeback
The most frequent cause is account takeover. Criminals compromise a shopper’s login by guessing weak passwords. Alternatively, they may use credential stuffing or phishing to obtain login details. Once inside the account, they use stored cards, saved addresses, and loyalty balances to make purchases. The real account owner spots an unexpected charge on their statement or receives shipping notices. They then report the activity as unauthorised. This prompts F24.
Stolen credentials also cause F24 in cases where a fraudster uses card data obtained from data breaches or malware. If that card is used at a merchant the cardholder has used before, it can appear plausible to the bank until the cardholder denies authorisation. In card-present settings, F24 can be raised when a lost or stolen card is used without a chip read and proper verification.
Friendly fraud contributes as well. A customer may forget a purchase. They may object to a family member’s use of their card. Or, they may dispute a charge to bypass the merchant’s return or cancellation policy. Poor billing descriptors or unclear subscription terms can prompt a confused consumer to dispute the issue. These factors all feed into F24 claims.
Time Limit for Disputing an American Express Reason Code F24 Chargeback
Timing matters. For Reason Code F24, American Express sets a short time limit: the acquirer or merchant must respond within 20 calendar days of the dispute. Note that this is not 20 working days, and it includes internal handling by the acquirer. In practice, merchants often have far less time to gather and submit evidence. Best practice is to work to an internal deadline of a few days and prepare templates in advance.
Your response should directly address the key element of this dispute: the lack of authorisation. That means offering proof that the cardholder did, in fact, authorise the transaction, or that you had already issued a credit. Missing the time limit usually results in an automatic loss. The faster you can confirm the facts, the more likely it is that you will be able to fight the case. Keep in mind that each party in the chain may reserve processing time, so submit early, not at the deadline.
What F24 Means for Consumers & Issuers
For consumers, F24 is a route to challenge transactions they believe they did not authorise. If a cardholder sees charges they do not recognise, they can report them promptly to their issuer. They will then investigate. Issuers may check for a prior relationship between the customer and the merchant. This can help rule out simple misunderstandings. However, a purchase history doesn't negate the possibility of account takeover or stolen card use.
Issuers must strike a balance between consumer protection and fair treatment of merchants. They assess risk signals, examine previous purchase patterns, and may request additional information. In e-commerce, American Express SafeKey (3-D Secure) can add an extra layer of authentication. In many markets, successful authentication may influence liability for fraud claims. Issuers also monitor repeat disputes from the same cardholder. They may advise replacing the card, obtaining new credentials, or implementing additional security measures. For both consumers and issuers, the objective is the same. Swift resolution, reduced exposure to fraud, and minimal disruption to everyday spending.
What F24 Means for Merchants
For merchants, F24 represents both financial risk and operational pressure. Funds tied to the disputed transaction are debited while the case is being reviewed, which may affect your cash flow. Reversal also incurs fees and can increase dispute ratios, leading to higher scrutiny and processing costs. When F24 stems from account takeover, it may expose systemic weaknesses. This can include account security, checkout processes, or post-purchase monitoring.
The reputational impact is real. Multiple fraud claims erode trust with processors and may lead to tighter controls or reserves. Merchants with subscriptions face additional risk if credentials on file are compromised or abused. On the other hand, overly aggressive risk rules can block legitimate customers and hinder conversions. Success lies in striking a balance. Apply layered fraud controls that protect revenue without creating excessive friction. Explicit descriptors, responsive support, and transparent policies reduce friendly fraud. Strong authentication and device intelligence counter actual fraud. Treat each F24 as a signal to refine processes.
How to Respond to a Code F24 Chargeback
When a F24 dispute arrives, act quickly. Start by checking for a prior refund or credit. If you have already refunded the cardholder, submit the credit memo or system records. If you need to fight the dispute, focus your evidence on authorisation and cardholder involvement.
For card-not-present sales, provide logs that show the customer's device or 2FA approval. Add relevant data such as:
- AVS and CVV results
- SafeKey authentication data
- Order details
- IP address
- Device fingerprint
- Geolocation data
Add communications with the cardholder if available. Document prior unchallenged orders and proof of consent for stored credentials or subscriptions. For physical goods, include shipment tracking showing delivery to the verified address. Include signatures and courier confirmations where applicable. For digital goods, provide access logs, download timestamps, and usage records.
For card-present transactions, supply chip read data, PIN or signature verification, terminal logs, and receipts. Keep your tone factual and concise. Submit all materials within the specified time frame through the designated channel. If the evidence is weak, consider accepting the dispute and focusing on prevention to maintain good relations with the issuer.
Proactive Prevention: The Ultimate Defence
Prevention reduces disputes before they start. Begin with strong account security. Prompt customers to change their account passwords periodically. Add two-factor authentication and alerts for profile changes or new devices.
Implement layered fraud checks at checkout. Use AVS, CVV, device fingerprinting, velocity rules, and behavioural signals. For e-commerce, use SafeKey to authenticate high-risk or high-value orders. Keep billing descriptors clear. Include a recognisable trading name and contact number. Make cancellation and refund terms easily accessible.
Finally, try out chargeback alerts to catch incoming disputes as they are filed. This gives you added time to communicate with the customer and refund where appropriate.
