How do I spot a fake EcoCash or bank transfer proof of payment?

You cannot reliably spot a fake screenshot by looking at it — editing software makes them convincing. The only reliable check is to log into your actual bank account or EcoCash wallet and confirm the money is there before you release the order. Never fulfil based on the screenshot alone.

What is a chargeback and how long does a customer have to raise one?

A chargeback is when a cardholder disputes a transaction with their bank and the bank forcibly reverses the payment. Visa and Mastercard rules allow disputes to be raised up to 120 days after the transaction date for most dispute types. This means a customer can pay, receive goods, and then dispute the charge up to four months later. Keep your delivery records and order evidence for at least 6 months per order.

What is friendly fraud?

Friendly fraud is when a real customer makes a legitimate purchase, receives the goods or service, and then disputes the charge with their card issuer claiming non-delivery or unauthorised use. The bank reverses the payment. The merchant loses both the goods and the money. Delivery tracking and signed confirmation are your main defences.

What happens if I get too many chargebacks on Stripe or Pesepay?

Payment gateways monitor chargeback rates. If your chargeback rate exceeds around 1% of transaction volume, your gateway may place your account under review, impose a reserve on your funds, or terminate your merchant account. A terminated gateway account means you can no longer accept card payments through that provider.

Zimbabwean merchant reviewing payment notifications on a phone

Business Advice · Payments

Online Payment Fraud: What Every Zimbabwean Merchant Needs to Know

The moment your store goes live, fraudsters are watching too. These are the scams targeting Zimbabwean merchants — and exactly what to do about each one before your first order ships.

Published March 2026·8 min read

When you sell in person, you see the money before you hand over the goods. Online, there is always a gap — between payment notification and verified funds, between shipping an order and knowing it was received, between a customer paying and that payment being final. Fraud lives in that gap.

This is not a reason to avoid selling online. Millions of businesses do it safely every day. The ones that avoid fraud are simply the ones who knew what to expect. Here is what every merchant on Marii needs to know before they start accepting online payments.

The fake proof-of-payment screenshot

This is the most common form of online merchant fraud in Zimbabwe, and it is effective precisely because it looks routine. A customer places an order and selects manual payment — bank transfer or EcoCash. They then upload a screenshot that appears to show the transfer was made. You see the notification. The screenshot looks real. You release the order. The goods go out. You check your bank the next day and the money was never there.

Screenshot editing is not difficult. Free tools make convincing fakes in minutes — correct bank name, correct merchant account number, right amount, right date. There is no visual tell that reliably separates a real confirmation from a fake one.

Rule 1

A screenshot is not payment. Your bank balance is payment.

Before you confirm any manual payment order — bank transfer or EcoCash — log into your actual bank account or check your EcoCash wallet and confirm the money is sitting there. Not pending. There. Every time. No exceptions, no matter how busy you are or how convincing the screenshot looks.

Do not ship because a notification arrived in Marii.

Do not ship because the screenshot looks professional.

Do not ship because the customer is pressuring you for fast delivery.

Ship when you have opened your banking app and the money is in your account.

Chargebacks — and the window you do not know about

A chargeback is when a cardholder contacts their bank and disputes a transaction. The bank investigates and — if they side with the customer — forcibly reverses the payment from your gateway account. You lose the money, and depending on your gateway, you may also be charged a chargeback handling fee on top.

The part most merchants do not know: under Visa and Mastercard rules, customers have up to 120 days from the transaction date to raise a dispute for most dispute types. That is four months. A customer can pay for an order in November, receive it, use it, and file a chargeback in March.

What this means for your records

Keep your delivery confirmation, tracking numbers, order details, and any customer communication for a minimum of 6 months after every order. When a chargeback is raised, your gateway will ask you for evidence — delivery proof is what wins disputes. Marii retains your order records automatically, but make sure your delivery records live somewhere you can export them quickly.

Chargeback process — what happens

Customer disputes with their bank

They call or message their card issuer claiming non-delivery, wrong item, or unauthorised charge.

Gateway notifies you

Stripe, Pesepay, or Paynow sends a chargeback notice. You typically have 7–14 days to respond with evidence.

You submit your evidence

Delivery proof, order confirmation, tracking number, photos, any communication with the customer.

The card network decides

Visa or Mastercard reviews both sides. If they find for the customer, the payment reversal is permanent.

Your gateway account is at risk too

Payment gateways monitor chargeback rates. If your rate exceeds roughly 1% of your monthly transaction volume, your gateway may place a rolling reserve on your settlements — holding a percentage of your revenue for 90–180 days as a buffer — or suspend your account entirely. Preventing chargebacks protects your revenue and your ability to keep accepting card payments.

Friendly fraud — the customer who lies

Friendly fraud is a specific type of chargeback where there is nothing wrong with the transaction. The customer paid with a real card. The goods were delivered. Everything was legitimate. Then they contact their bank and claim they never received the order, or that the card was used without their permission.

The bank does not know they are lying. Without evidence from you, they will typically side with the cardholder. You lose the payment and you have already lost the goods.

How to build a defence from the first order

For physical goods: use a delivery service that provides a tracking number and proof of delivery. For high-value items, require a signature. For digital goods or services: log the exact time and method of delivery and keep records of any login activity or downloads. Screenshot any WhatsApp or email thread with the customer confirming receipt. These records are your evidence when a dispute is raised.

The overpayment scam

A "customer" contacts you saying they accidentally sent too much money and asks you to refund the excess. The original payment appears in your account — it may show as pending or even cleared. You send back the difference as a goodwill gesture. Then the original payment reverses — it was fraudulent or made from a compromised account — and you are left having paid out of your own pocket.

The variation used against businesses: the customer overpays and asks you to send the excess to a "third party" on their behalf. This is a money mule setup. Do not participate.

Rule 2

Never refund more than the original settled amount.

If someone claims to have overpaid, wait until that payment has fully cleared in your bank account — not pending, fully cleared — before you consider any action. If the situation feels unusual in any way, do not process a refund until you have spoken to your bank directly. When in doubt, the answer is to wait.

Stolen card purchases

A fraudster obtains card details — through phishing, a data breach, or a card skimmer at a fuel station or ATM — and uses them to buy from your store. The legitimate cardholder eventually notices, disputes the charge, and the payment reverses. You lose the goods and the money even though you had nothing to do with the theft.

Your gateway's fraud detection is your first line of defence here. Stripe's Radar system, for example, scores every transaction for risk. Do not disable or override fraud rules to reduce declined payments — those declines are protecting you.

Order patterns worth a second look

Multiple orders from different cards going to the same delivery address

A new customer placing an unusually large first order

Unusual urgency — a customer who pushes very hard for same-day delivery

An order where the delivery address is inconsistent with the billing country

Multiple failed card attempts followed by a successful one

If an order triggers more than one of these patterns, verify before you fulfil. Contact the customer through a channel you initiated — not one they gave you — and confirm the order details. A legitimate customer will not mind. A fraudster will disappear.

Protecting your gateway account

Because Marii uses the Bring Your Own Gateway model, your Stripe, Pesepay, or Paynow account is your own — opened under your business name, with your own banking details, and governed entirely by your agreement with that provider. Marii is only the bridge that connects your store to your account.

This means your gateway account is yours to protect. A suspended or terminated gateway account means you cannot accept card payments through that provider — which is a serious operational problem for any online store. The main causes of account suspension are things you control.

High chargeback rate

Above roughly 1% of transaction volume triggers review. Above 2% can trigger termination. Prevent chargebacks, dispute them promptly when they occur.

Prohibited goods or services

All gateways have Acceptable Use Policies. Selling prohibited items — regardless of local legality — results in immediate termination.

AML / KYC non-compliance

Your gateway requires you to complete KYC and comply with anti-money laundering obligations. Gaps in your compliance create account risk.

Suspicious transaction patterns

Sudden large transaction spikes, unusual volumes, or patterns that resemble transaction laundering will trigger a review.

Keep your gateway credentials safe

Your Stripe secret key, Pesepay Integration Key, and Paynow Integration Key give whoever holds them the ability to interact with your merchant account. Never share these in WhatsApp messages, emails, or screenshots. Never enter them on any website other than your Marii settings panel. If you suspect a key has been compromised, regenerate it immediately from your gateway dashboard and update it in Marii.

Fraud prevention — your starting checklist

Never confirm a manual payment order without checking your actual bank account or EcoCash wallet first.

Use tracked delivery for all physical goods. Keep the tracking record on the order.

For high-value deliveries, require a signature on receipt.

Keep order records, delivery confirmations, and customer communications for at least 6 months per order.

Do not disable fraud detection rules on your gateway — declined transactions are protecting you.

Treat unusual order patterns as a prompt to verify before you fulfil, not after.

Never refund an amount greater than the original settled payment.

Store your gateway credentials (Stripe key, Pesepay key, Paynow key) securely. Never share them over WhatsApp or email.

Respond to chargeback notices promptly — you typically have 7–14 days and missing the window means an automatic loss.

How Marii helps

Because Marii uses the Bring Your Own Gateway model, your money moves directly from your customer to your own gateway account — Marii never holds or touches your funds. Your order history, customer records, and transaction data are all stored in your Marii dashboard and can be exported at any time. When a dispute or chargeback is raised, everything you need to build your evidence case is in one place.

Questions about how payments work on Marii?

Read the full Bring Your Own Gateway guide to understand exactly how your store connects to Stripe, Pesepay, and Paynow — and where your money goes.

Read the BYOG guide Ask us on WhatsApp

Not on Marii yet? Start free →