Dispute and fraud card monitoring programs
Learn about the monitoring programs operated by the card networks, and what you should do if you're placed into one.
As part of your financial obligations to the card networks, you must ensure that disputes (also called chargebacks) and fraud are kept at acceptable levels. If these exceed the thresholds dictated by each network (e.g., Visa or Mastercard), you’re placed into one of their monitoring programs. As part of a program, you can incur monthly fines and additional fees until you reduce your dispute or fraud levels.
Stripe can work with you on a remediation plan to reduce the levels of disputes or fraud related to your account. We also communicate directly with the networks and relay information on a monthly basis. Download our remediation template to get started.
Failure to comply with the requirements of a program within the specified time period (what the networks call a timeline) can result in the network refusing to process further payments using their cards. While this is extremely rare, you need to take immediate action to address the situation.
Visa monitoring programs
The Visa Fraud Monitoring Program (VFMP) and Visa Dispute Monitoring Program (VDMP) apply to users in all of our supported countries. The Visa Fraud Monitoring Program-3DS (VFMP-3DS) is a third program that only applies to users based in the U.S. The timelines used by either program depend on which threshold—Standard or Excessive—has been exceeded.
Each timeline spans a 12-month period and determines what actions to take on a monthly basis. At the beginning of each month Visa reviews your previous month’s activity to see if it has exceeded any of their established thresholds. If so, we’ll reach out and discuss this with you.
For users in the US, EU, Canada, Australia, and Brazil, only domestic activity counts towards their monthly totals. For users outside of those regions, both domestic and cross-border activity are counted.
Early warning notifications
Visa operates an early warning system that warns users—through Stripe—who are at risk of being placed into a monitoring program. Users who meet the early warning threshold aren’t immediately placed into the program. Instead, they’re given the opportunity to reduce the level of fraud on their account to avoid placement.
Remediation
Visa removes you from their programs when your level of disputes or fraud drops below the Standard threshold for three consecutive months. The following three months are considered a “tracking” period. If you exceed any of the thresholds in this period, you’re immediately placed back into the program and the original timeline resumes—a new timeline doesn’t start. Additionally, if you exceed the Excessive threshold, you’re removed from the program only when your fraud or dispute levels fall below the Standard threshold.
As part of the remediation process, you may be required to provide Stripe with details on the steps you’re taking and your timeline for implementation.
VDMP: Visa Dispute Monitoring Program
VDMP applies to users with an unusually high level of disputed payments on their account. Users are placed into this program if they meet or exceed the thresholds for the following criteria:
- The total number of payments that have been disputed (dispute count)
- The ratio of disputed payments to all payments (dispute rate)
| Dispute Count | Dispute Rate | Fines |
|---|---|---|
| 75 | 0.65% | None. You have the opportunity to take action that reduces your dispute level before it exceeds a threshold where fines are incurred. |
Early warning notifications may not occur if your account immediately matches or exceeds the Standard or Excessive thresholds of VDMP.
| Number of Disputes | Dispute Rate | Fines |
|---|---|---|
| 100 | .9% | Fines begin after four months and continue on a monthly basis until removal from the program. See timeline for more information. |
The following timeline applies to the 12-month period that a user is part of a card monitoring program.
- Months 1-4
- Workout period
- No fines
- Months 5-9
- Visa fine of 50 USD / 45 EUR per dispute
- Months 10-11
- Visa fine of 50 USD / 45 EUR per dispute
- 25,000 USD review fee (non-EU merchants only)
- May require audit
- Month 12+
- Visa fine of 50 USD / 45 EUR per dispute
- 25,000 USD review fee
- May require audit
- Merchant eligible for disqualification (i.e. can no longer process Visa payments)
During the workout period, you have the opportunity to take action that reduces your dispute level before fines are incurred.
| Number of Disputes | Dispute Rate | Fines |
|---|---|---|
| 1,000 | 1.8% | Fines begin immediately and continue until removal from the program. See timeline for more information. |
The following timeline applies to the 12-month period that a user is part of a card monitoring program.
- Months 1-6
- Visa fine of 50 USD / 45 EUR per dispute
- Months 7-11
- Visa fine of 50 USD / 45 EUR per dispute
- Visa can begin to apply a 25,000 USD review fee (non-EU merchants only)
- Month 12+
- Visa fine of 50 USD / 45 EUR per dispute
- Visa can begin to apply a 25,000 USD review fee (non-EU merchants only)
- Merchant eligible for disqualification (i.e. can no longer process Visa payments)
VFMP: Visa Fraud Monitoring Program
VFMP applies to users with an excessive level of fraud on their account, which is calculated using both fraudulent chargebacks and TC40 data. You’re placed into this program if you exceed the thresholds for the following criteria:
- The total volume in U.S. dollars of Visa payments that are fraudulent (Fraud Volume)
- The ratio of the volume in fraudulent Visa payments to all payments (Fraud Rate)
| Fraud Volume | Fraud Rate | Fines |
|---|---|---|
| 50,000 USD | 0.65% | None. You can take action that reduces your fraud level before it incurs penalties. |
Early warning notifications may not occur if your account immediately matches or exceeds the Standard or Excessive thresholds of VFMP.
| Fraud Volume | Fraud Rate | Fines |
|---|---|---|
| 75,000 USD | .9% | None. You can take action that reduces your fraud level before it incurs penalties. |
The following timeline applies to the 12-month period that a user is part of a card monitoring program.
- Months 1-4
- No penalties
- Months 5-11
- Issuers able to raise fraudulent disputes on 3DS transactions (all markets)
- Month 12+
- Issuers able to raise fraudulent disputes on 3DS transactions (all markets)
- Merchant eligible for disqualification (i.e. can no longer process Visa payments)
There are no fines for users who meet or exceed this threshold. However, U.S. users in this program lose liability shift on 3D-Secure transactions immediately. Users located outside of the U.S. lose this starting in either month five or at Excessive thresholds. Liability shift is not restored until fully exiting the program after the three "tracking" months. Users must still take action to reduce their fraud level before it exceeds a threshold where fines are incurred.
| Fraud Volume | Fraud Rate | Fines |
|---|---|---|
| $250,000 | 1.8% | Fines begin immediately and continue on a monthly basis until removal from program. Refer to the timeline for more information. |
The following timeline applies to the 12-month period that a user is part of a card monitoring program.
- Months 1-3
- Visa fine of $10,000
- Issuers able to raise fraudulent disputes on 3DS transactions
- Months 4-6
- Visa fine of $25,000
- Issuers able to raise fraudulent disputes on 3DS transactions
- Months 7-9
- Visa fine of $50,000
- Issuers able to raise fraudulent disputes on 3DS transactions
- Months 10-12
- Visa fine of $75,000
- Issuers able to raise fraudulent disputes on 3DS transactions
- Month 12+
- Visa fine of $75,000+
- Issuers able to raise fraudulent disputes on 3DS transactions
- Merchant eligible for disqualification (i.e. can no longer process Visa payments)
Users in this program lose liability shift on 3D-Secure transactions immediately and this is not restored until fully exiting the program after the three "tracking" months.
VFMP: Visa Fraud Monitoring Program-3DS (U.S.-only)
VFMP-3DS applies to U.S. users with an excessive level of domestic 3D-Secure fraud on their account. You’re placed into this program if you exceed the thresholds for the following criteria:
- The total volume in U.S. dollars of Visa 3DS domestic payments that are fraudulent (fraud volume)
- The ratio of the volume in fraudulent payments to 3DS domestic payments (fraud rate)
| Fraud Volume | Fraud Rate | Fines |
|---|---|---|
| 5,000 USD | 0.50% | None. You have the opportunity to take action that reduces your fraud level before it exceeds a threshold where penalties are incurred. |
| Fraud Volume | Fraud Rate | Fines |
|---|---|---|
| 7,500 USD | 0.75% | None, but liability shift on domestic 3DS transactions is lost while in the program and until a user has fully exited. |
Mastercard monitoring programs
Mastercard’s Excessive Chargeback Program (ECP) consists of two levels: Excessive Chargeback Merchant (ECM) and High Excessive Chargeback Merchant (HECM), and it applies to users in all supported countries. The Excessive Fraud Merchant (EFM) Compliance Program is a separate program that applies to users in all supported countries besides Germany, India, and Switzerland.
If your account exceeds program thresholds, Mastercard places you into this program and Stripe notifies you. If you exceed both EFM and ECP thresholds, you’re placed in EFM but not ECP. For example, you exceed EFM and ECP thresholds in March and April but only exceed ECP thresholds in May. In April, you’d be placed in month 2 of EFM and fined accordingly. In May, you’d be placed in month 3 of ECP despite the EFM identifications taking precedent in prior months.
Remediation
You exit ECM as soon as your level of disputes drops below the ECM threshold for 3 consecutive months. If you’re in HECM and your dispute level drops but still exceeds ECM thresholds (between 1.5-2.99%), you move to that program. To be removed from EFM, you need to avoid at least one of the conditions for 3 consecutive months.
As part of the remediation process, you must provide Stripe with details on the steps you’re taking to prevent disputes and your timeline for implementation.
ECP: Mastercard Excessive Chargeback Program
Users are placed into ECP if they meet or exceed the thresholds for the following criteria:
- The total number of Mastercard payments that have been disputed (chargeback count)
- The chargeback-to-transaction ratio (chargeback rate)
The chargeback rate is a ratio of disputed payments to all payments. It’s calculated as the number of Mastercard disputes received in a calendar month compared to the total number of Mastercard payments from the preceding month. You must exceed both thresholds to qualify for ECM.
ECM: Mastercard Excessive Chargeback Merchant
| Dispute Count | Chargeback Rate | Fines |
|---|---|---|
| 100–299 | 1.5–2.99% | Fines begin in month two and continue at increasing rates in subsequent months. See the timeline below for details. |
| Number of months above ECM thresholds | Fine | Issuer recovery assessment |
|---|---|---|
| 1 | 0 USD | No |
| 2 | 1,000 USD | No |
| 3 | 2,000 USD | No |
| 4–6 | 5,000 USD | Yes |
| 7–11 | 25,000 USD | Yes |
| 12–18 | 50,000 USD | Yes |
| 19+ | 100,000 USD | Yes |
Issuer recovery assessment applies an additional 5 USD per chargeback fee for each chargeback over 300 chargebacks. For example, a merchant identified in month 4 of ECM with 400 disputes will be assessed a 5,500 USD fine (5,000 USD + (400-300) x 5 USD).
HECM: Mastercard High Excessive Chargeback Merchant
| Dispute count | Chargeback Rate | Fines |
|---|---|---|
| 300+ | 3% | Fines begin in month two and continue at increasing rates in subsequent months. See the timeline below for details. |
| Number of months above ECM thresholds | Fine | Issuer recovery assessment |
|---|---|---|
| 1 | 0 USD | No |
| 2 | 1,000 USD | No |
| 3 | 2,000 USD | No |
| 4–6 | 10,000 USD | Yes |
| 7–11 | 50,000 USD | Yes |
| 12–18 | 100,000 USD | Yes |
| 19+ | 200,000 USD | Yes |
Mastercard communicates total fine amounts to merchants through Stripe.
EFM: Mastercard Excessive Fraud Merchant Compliance Program
You’re placed into the EFM program if you meet or exceed the thresholds for the following criteria:
- Number of e-commerce Mastercard payments
- The total volume in U.S. dollars of Mastercard payments that result in fraudulent chargebacks (net fraud volume) calculated by dispute reason code (reason code 4837 and 4863)
- The fraud-count-to-transaction ratio (fraud chargeback rate)
- The ratio of 3DS Mastercard payments to all Mastercard payments
The fraud chargeback rate uses a similar calculation to the chargeback rate found in ECM or HECM. The only difference is that the fraud chargeback rate is calculated using only fraudulent chargebacks.
EFM applies to users who meet all of the following conditions:
- Minimum of 1,000 e-commerce Mastercard payments
- Net fraud volume is greater than 50,000 USD
- Fraud chargeback rate is greater than 0.50%
- Total 3DS Mastercard payment count is less than 10% of total Mastercard payment count
| Number of months above ECM thresholds | Fine |
|---|---|
| 1 | 0 USD |
| 2 | 500 USD |
| 3 | 1,000 USD |
| 4–6 | 5,000 USD |
| 7–11 | 25,000 USD |
| 12–18 | 50,000 USD |
| 19+ | 100,000 USD |
You can request that Mastercard suspend an assessed fine once during an open case, meaning that the request should happen when you’re confident you’ll be below thresholds in the next 3 consecutive months. If you request a suspension of fines, avoid identification in the next 2 months, but then exceed the thresholds in the following month, fine assessments would continue until you exit the program.
If you require assistance with a dispute, please contact Stripe support.