Retail payment terminal — chargebacks and card payments context
Article

Shopify Chargeback Evidence Checklist: What to Pull, What to Skip, and When

A scannable, reason-code-mapped checklist for Shopify merchants assembling a dispute response under deadline. Covers fraud, INR, and SNAD — with decision points for CE 3.0 eligibility and delivery edge cases.

DE

DisputeDesk Editorial

Jun 1, 2026
8 min read
English

Pull the right evidence first — not everything you have

When a dispute lands in Shopify Admin → Orders → Disputes, the clock starts immediately. Visa gives merchants 20 days to respond; Mastercard varies by reason code — confirm the exact deadline with your acquirer before anything else. The instinct is to grab every document in the order. That's the wrong move. Issuers review hundreds of responses. Unfocused packs get skimmed. Focused packs get read.

This checklist is organized by dispute type — not by document type. Find your reason code, pull what's listed, skip what isn't. If you're building a narrative around the evidence, that's a different task — this is triage.

One distinction before you start: this is a checklist, not an evidence pack. An evidence pack is a structured narrative document. This is the inventory step that precedes it. Don't conflate them.

Before you touch evidence: three checks in Shopify Admin

Run these before pulling a single document. They determine whether your response is even viable.

  1. Confirm the deadline. In Admin → Orders → Disputes, the dispute card shows the response due date. If it's within 48 hours, escalate internally now — not after evidence collection.
  2. Check the reason code. The reason code determines what evidence is relevant. A fraud code and an INR code require completely different responses. Responding to a fraud code with delivery confirmation alone is a common losing pattern.
  3. Check fulfillment status. In the order detail, confirm the fulfillment event timestamps. If the order shows fulfilled but the tracking hasn't updated in the carrier system, note the gap — issuers will.

Master checklist by dispute type

Use the section that matches your reason code. Items marked [Required] are non-negotiable for a viable response. Items marked [Supporting] strengthen the case but won't carry it alone. Items marked [Situational] apply only in specific scenarios noted.

Fraud / Unauthorized Transaction (Visa 10.4, MC 4837, Amex FR2)

Evidence ItemWhere to Get ItWeightNotes
Order confirmation with billing/shipping matchShopify Admin → Orders → [Order] → Customer[Required]Billing = shipping address is a positive signal; mismatch requires explanation
AVS and CVV result codesShopify Admin → Orders → [Order] → Payment section[Required]AVS Y + CVV M is the strongest combination; AVS N alone rarely saves the case
IP address at checkoutShopify Admin → Orders → [Order] → Fraud analysis[Required]Flag VPN or proxy hits before submitting — issuers will catch them
Device fingerprint / browser sessionShopify Fraud Analysis panel or third-party app logs[Supporting]Useful when IP matches cardholder's known geography
Delivery confirmation with timestampCarrier portal (USPS, UPS, FedEx) — not Shopify tracking page[Required]Pull from carrier directly; Shopify tracking embeds can lag
Signature confirmationCarrier portal[Situational]Required for orders over $750 on most networks; confirm threshold with acquirer
Prior non-disputed orders from same card/emailShopify Admin → Customers → [Customer] → Order history[Situational]CE 3.0 eligibility check — see decision point below
Shopify Protect status (if active)Admin → Orders → [Order] → Fraud protection badge[Situational]If Shopify Protect covered the order, the dispute may be handled automatically — verify before building a manual response

Item Not Received / INR (Visa 13.1, MC 4853-INR)

Evidence ItemWhere to Get ItWeightNotes
Fulfillment timestamp from ShopifyAdmin → Orders → [Order] → Timeline[Required]Shows when label was created vs. when carrier scanned it — gap here is a liability
Full carrier tracking history (all scan events)Carrier portal — export as PDF[Required]"Delivered" status alone is insufficient if the scan history shows gaps or reroutes
Delivery photo (if carrier provides)USPS Informed Delivery, UPS Photo, FedEx Delivery Manager[Supporting]Not available for all carriers or all routes — don't assume it exists
Shipping address confirmation from orderAdmin → Orders → [Order] → Shipping address field[Required]Confirm carrier delivered to the address on the order — not a forwarded address
Customer communication logShopify Admin → Orders → [Order] → Timeline (email events) or help desk export[Supporting]If the customer contacted you before filing, include it — if they didn't, note the absence
Refund policy shown at checkoutScreenshot of checkout page or policy URL with timestamp[Supporting]Relevant if cardholder bypassed your resolution process to file directly

Significantly Not as Described / SNAD (Visa 13.3, MC 4853-SNAD)

Evidence ItemWhere to Get ItWeightNotes
Product listing at time of purchase (archived screenshot or Wayback)Your store or web archive[Required]If listing has changed since purchase, issuers will notice — pull the version that was live at order date
Order confirmation showing product variant selectedAdmin → Orders → [Order] → Line items[Required]Variant mismatch (wrong size, color, SKU) is a fast loss — verify before submitting
Photos or specs of item shippedInternal QC records, warehouse photos if available[Supporting]Rare to have; include if you do
Return/resolution attempt logHelp desk or Shopify order timeline[Required]SNAD disputes are hardest to win when the cardholder never contacted you first — document any outreach or absence of it
Return policy displayed at checkoutCheckout screenshot or policy page[Supporting]Shows the cardholder had a resolution path before going to the bank

Decision point: CE 3.0 or standard fraud response?

If your dispute is a Visa fraud code (10.4) and the cardholder has prior non-disputed transactions with your store, check CE 3.0 eligibility before building your standard response.

Path A — CE 3.0 eligible: Two or more prior non-disputed Visa transactions from the same cardholder, within 120 days, with matching device or IP signals. If this applies, CE 3.0 shifts the burden back to the issuer and can result in a pre-arbitration win without a full evidence pack. Pull the prior transaction records from Shopify Admin → Customers → [Customer] → Order history and confirm with your acquirer that CE 3.0 is supported on your account.

Path B — Standard fraud response: No prior transaction history, or the cardholder is new. Build the standard authorization-evidence stack: AVS/CVV results, IP, device, delivery confirmation. This is the default path for most merchants. The risk: without prior transaction history, you're proving authorization alone — and authorization doesn't prove the cardholder made the purchase.

Choosing Path A when you don't actually qualify is worse than Path B. Issuers flag CE 3.0 submissions that don't meet the criteria, and it can affect your standing. Confirm eligibility before committing to that path. For more on CE 3.0 mechanics, see the Visa Compelling Evidence 3.0 article in this cluster.

The $340 apparel order that had most of it — and still lost

A merchant shipped a $340 apparel order. AVS matched. CVV matched. Carrier showed delivered. The fraud dispute came in 18 days later. The merchant submitted AVS results, tracking confirmation, and the order receipt.

What they missed: the IP at checkout resolved to a VPN exit node in a different state. The Shopify Fraud Analysis panel flagged it as medium risk. The merchant didn't check it before submitting. The issuer's review noted the IP inconsistency, discounted the AVS match as insufficient standalone authorization, and ruled for the cardholder.

The evidence wasn't incomplete — it was unreviewed. The merchant submitted without running the three pre-checks above. The IP flag was visible in Admin the entire time. Delivery confirmation doesn't override an authorization signal that the issuer reads as compromised. For more on when delivery proof stops working, see the article on when delivery proof is not enough.

Evidence narrative line (adapt for your submission)

Use this as the opening line of your evidence narrative — not as a template to copy verbatim:

"The order was placed on [date] from IP [X], which resolves to [city, state] — consistent with the billing address on file. AVS returned Y (full match); CVV returned M. The order was fulfilled on [date] and delivered to the billing address on [date] per carrier scan. The cardholder did not contact us prior to filing this dispute."

If any of those fields are blank or inconsistent, resolve them before submitting — don't leave gaps for the issuer to fill in against you.

Internal note format (for dispute logging)

Log this in your dispute tracker or Shopify order notes immediately after pulling evidence:

Dispute [ID] | Code: [reason code] | AVS: [result] | CVV: [result] | IP flag: [clean/flagged] | Delivery: [confirmed/unconfirmed] | Prior orders: [Y/N, count] | CE 3.0 eligible: [Y/N] | Deadline: [date] | Assigned: [name]

This single line surfaces the decision-relevant signals without requiring someone to re-open the order. It also creates an audit trail if the dispute escalates to arbitration.

What to skip

These items appear in many chargeback responses and rarely change outcomes:

  • Terms of service pages — issuers don't weigh them heavily unless the dispute is specifically about policy violation
  • Marketing emails sent to the customer — not authorization evidence
  • Screenshots of your store's homepage — irrelevant to any reason code
  • Partial tracking screenshots — always pull the full carrier history PDF; partial screenshots invite questions about what's missing
  • Customer reviews of your store — not evidence of this transaction

Every page you add that doesn't answer the issuer's specific question dilutes the pages that do. Issuers are not looking for volume — they're looking for the answer to one question: did this cardholder authorize this transaction, receive this item, or receive what they ordered? Build toward that question only.

Submission mechanics in Shopify

In Admin → Orders → Disputes → [Dispute], use the Submit response button to upload evidence. Shopify accepts PDF, JPG, and PNG. File size limits apply — confirm current limits in the Disputes interface, as they change. Combine multi-page documents into a single PDF rather than uploading individual pages. Issuers receive a compiled packet; fragmented uploads can display out of order.

The Rebuttal letter field in the Shopify dispute submission form is where your evidence narrative goes — not a separate attachment. Keep it under 500 words. Issuers read the narrative first; the attachments are supporting documentation, not the argument itself.

For a broader operational context on how disputes move through the lifecycle after submission, the Shopify chargebacks practical guide covers the full arc from dispute receipt to issuer decision.

Key Takeaways

Run three pre-checks in Shopify Admin before pulling any evidence: confirm the deadline, identify the reason code, and verify fulfillment timestamps — in that order.
Evidence requirements differ significantly by reason code. Fraud disputes require authorization signals (AVS, CVV, IP, device). INR disputes require full carrier scan history. SNAD disputes require product listing proof and resolution attempt logs.
Check CE 3.0 eligibility before defaulting to a standard fraud response — prior non-disputed transactions from the same cardholder can shift the burden back to the issuer, but submitting CE 3.0 without qualifying criteria is worse than not submitting it.
The Shopify Fraud Analysis panel flags IP and device risk signals visible before submission. Merchants who skip this check submit evidence that issuers use against them.
Unfocused evidence packs lose. Every document that doesn't answer the issuer's core question dilutes the ones that do.

FAQ

Where do I find AVS and CVV results in Shopify Admin?
Go to Admin → Orders → [Order] → Payment section. The AVS and CVV result codes are displayed there. AVS Y with CVV M is the strongest combination for fraud disputes; AVS N alone rarely carries a case.
Do I need signature confirmation for every dispute?
Not for every dispute — but most networks require it for orders above a certain value threshold (commonly $750, though this varies by network and acquirer). Confirm the threshold with your acquirer. For high-value orders without signature confirmation, delivery proof alone is a weaker position.
What's the difference between this checklist and building an evidence pack?
This checklist is the inventory step — it tells you what to pull and whether you have it. An evidence pack is the structured narrative document you submit. The checklist precedes the pack. Conflating them leads to unfocused submissions.
If Shopify Protect covered the order, do I still need to respond?
If Shopify Protect is active and the order qualifies, the dispute may be handled automatically. Check the fraud protection badge on the order before building a manual response — submitting a manual response on a Protect-covered order can create conflicting records.
Can I submit the same evidence for both fraud and INR reason codes?
No. Fraud disputes require authorization evidence (AVS, CVV, IP, device). INR disputes require delivery evidence (full carrier scan history, delivery confirmation). Submitting fraud-focused evidence for an INR dispute — or vice versa — is a common losing pattern.

Disclaimer

This content is for informational purposes only and does not constitute legal advice.

Automate Your Chargeback Responses

DisputeDesk automatically tracks deadlines, collects evidence, and generates winning responses so you never miss a deadline again.

Shopify Chargeback Evidence Checklist