Visa reVAMPs chargeback monitoring

Acquirers constantly grapple with the complexities of fraud, disputes, and enumeration attacks.  Effective risk management is crucial for maintaining secure and efficient payment systems. Visa’s monitoring programs have been central to supporting acquirers in these efforts.

Visa's updated approach:

Visa has announced significant changes to its monitoring framework to better address these challenges. Visa's monitoring framework primarily targets fraud detection, dispute resolution, and enumeration attack monitoring. For example, tracking transactions for fraudulent activities, resolving disputes and identifying enumeration attacks.

Effective 31 March 2025, Visa will retire the Visa Dispute Monitoring Program (VDMP) and the Visa Fraud Monitoring Program (VFMP). From 31st of March 2025, Visa will enhance the Visa Acquirer Monitoring Program (VAMP), consolidating these programs into a single, more comprehensive framework.

What’s changing with VAMP?

Consolidation and enhanced coverage: VAMP will now incorporate the functions of VDMP and VFMP, resulting in broader fraud coverage across the ecosystem. In essence, VDMP handled disputes, while VFMP targeted fraud detection. This consolidation is aimed at simplifying the monitoring process while increasing its effectiveness.

New metrics and criteria: Visa is introducing a new transaction count-based metric that combines both fraud and non-fraud disputes. Additionally, new enumeration criteria will leverage the Visa Account Attack Intelligence (VAAI) Score system to provide increased coverage for monitoring enumeration activities, where cybercriminals gather information by systematically trying different possible passwords until the correct one is found.

Risk-based enforcement: VAMP will shift from non-compliance assessment-based enforcement to a risk-based approach. This allows for greater flexibility, accommodating varying levels of risk appetite among clients.

Updated thresholds: From 31st of March 2025, new identification thresholds will be implemented. In general, the thresholds will become stricter. For example, the VAMP Ratio threshold for identifying excessive acquirers will decrease from 50 bps to 30 bps, and new enumeration criteria with a threshold of 2000 bps will be introduced. The VAMP Ratio, which considers both fraud and non-fraud disputes, will be another key metric. Enumeration ratios will also be introduced to identify and manage risks more effectively.

More on tresholds

Acquirers are included in the Visa Acquirer Monitoring Program if they reach or surpass either the new fraud and disputes ratio or the new enumeration ratio. These ratios are calculated as follows:

New VAMP Ratio: Count of Reported Disputes plus Non-Fraud Disputes divided by Count of Total Sales.

VAMP Enumeration Ratio: Count of Enumerated Transactions divided by Count of Total Sales.

Impact and compliance requirements

Enforcement actionsAcquirers identified as Above Standard or Excessive (a VAMP Ratio of between 30 and 50 basis points) in VAMP will be subject to enforcement actions, including fees for card-absent fraud and non-fraud disputes. A grace period will be provided for first-time identifications within a rolling 12-month period, allowing acquirers time to improve their risk controls before facing penalties.

Advisory period and OneERS launchAn advisory period will commence on 1 April 2025, providing acquirers with notifications labelled as Advisory when thresholds are met or exceeded. During this period, acquirers should strengthen their risk controls and review merchant practices to ensure compliance.

Simultaneously, Visa will launch OneERS, a new client tool designed to enhance operational efficiency and security. This tool will offer a user-friendly interface, performance tracking, and detailed merchant identification information to assist in remediation efforts.

Charting a course for compliance

Acquirers should begin reviewing their risk management strategies and ensure they are prepared for the upcoming changes. Strengthening controls related to fraud, disputes, and enumeration attacks will be crucial in minimising activities that could negatively impact the ecosystem and reduce friction for consumers.

With our InvestiGate and Monitor solutions, you have a better idea if a new or existing merchant is at risk of excessive chargebacks or fraud. Contact us to find out more about how we do it.

‍