Changes to dispute thresholds: What should merchants & acquirers do about Visa’s new VAMP?

As one of the leading payment card issuing schemes, Visa makes decisions and announcements that can affect merchants significantly.

One of the most recent such developments came on May 9, when a bulletin announced changes to the way Visa keeps tabs on merchants with high dispute rates – including a lot of chargebacks.

Let’s take a deep dive into what’s changed and, importantly, what it could mean for all those who accept payments online.

Key takeaways

• VDMP, VFMP and VAMP are combining into a new VAMP

• New thresholds and metrics: VAMP rate and enumeration rate

• Ways to prevent VAMP enrollment through Visa’s tools

• Rolling out in Europe on April 1, 2025

What’s Visa doing to VAMP, VDMP and VFMP?

According to the Visa Business News bulletin, Visa is consolidating its three payment integrity and dispute monitoring programs currently in effect into one: a boosted version of the Visa Acquirer Monitoring Program (VAMP), to be used both for merchants and acquirers.

The changes will roll out in the Visa Europe area first, then to the rest of the world.

• The Visa Dispute Monitoring Program (VDMP) is retiring on March 31, 2025.

• The Visa Fraud Monitoring Program (VFMP) is retiring on March 31, 2025.

• The Visa Acquirer Monitoring Program (VAMP) is being updated, with the updates effective on April 1, 2025.

• There will no longer be an “above standard” threshold for merchants (it remains for acquirers).

• A new indicator metric is introduced that looks at the transaction count and combines all disputes, both fraud and non-fraud. Old indicators are going away.

• Visa is now focusing on risk-based enforcement rather than non-compliance assessment, citing “client flexibility” and “varying levels of risk appetite”.

• There is a transitional period from April 1st, 2025 to December 31st, 2025.

What are the VAMP changes for merchants?

Dispute thresholds are shifting, with the various metrics of other programs combining into a more rounded payment integrity approach. Some requirements are being streamlined, while Visa is also making a big push in favor of its dispute resolution tools.

1. Merchants will now have one dispute ratio to keep track of.

Retiring older ways to calculate chargebacks and other disputes, the new VAMP ratio is:

The new VAMP threshold for merchants will be 1.5% from April 2025, then dropping to 0.9% from the first day of January 2026. Anything higher than that will be classed as “excessive”.

Once a merchant (or acquirer) is labeled as excessive, they are enrolled into the VAMP program, which comes with additional fees and penalties. This applies to each merchant ID (MID) or each acquiring entity separately.

This is a way to incentivize merchants and acquirers’ implementation of payment fraud prevention and to provide better protections to consumers.

2. A new enumeration ratio is introduced to incentivize detecting card testing.

Sometimes called card testing, enumeration transactions are performed by fraudsters in an attempt to validate and identify stolen card details.

For merchants, not identifying and preventing these transactions could spell trouble, with the new enumeration ratio positing that if over 20% of submitted transactions are enumeration attacks, the merchant will be enrolled into VAMP.

The formula to calculate the enumeration ratio is:

3. Resolved/refunded disputes are excluded – but only if through Visa’s tools.

Interestingly, VAMP ratio calculations exclude disputes resolved through Visa’s Rapid Dispute Resolution (RDR) tool and Verifi's Cardholder Dispute Resolution Network (CDRN).

In addition to disputes resolved via these two programs, the exclusion also applies to disputes which are rejected through Compelling Evidence 3.

4. The “above standard” enrollment stage is going away.

Merchants will only be enrolled into VAMP if they have excessive VAMP or enumeration ratios – no provisions are made for “above standard” or “early warning”.

For acquirers, “above standard” VAMP ratio is going to be between 0.3% and 0.5% from January 1st, 2026.

Our new chargeback ratio analysis for merchants

In light of these developments, we’ve consulted Ravelin’s leading payments experts to answer some pressing questions for merchants.

If you have any questions we haven’t answered below, please don’t hesitate to reach out to our team for help.

How can merchants be proactive?

The first thing to keep in mind is that owing to the EU’s PSD2 (and upcoming PSD3) regulation, many organizations are likely to already be up to Visa’s updated standards. For example, some merchants might be using TRA (transaction risk analysis) to get fraud rate exemptions, thus achieving frictionless checkout for the customers. Therefore, they are unlikely to be letting through fraudsters.

In fact, some industry insiders have already commented on how this seems to be Visa’s way of aligning its policies with the EU's regulation ecosystem.

Another thing to remember is that although the focus of the changes is on the acquirers, who are the main liable entity, acquirers are likely to pass on the costs to merchants.

The alternative would be that acquirers will route more transactions through 3DS, which is likely to introduce more friction, depending on how it’s done.

• What do you already know about your chargeback rates and fraud rates? Try to match these to the new calculations. Are you close to the new thresholds? Could a massive fraud attack tip you over?
  
  

• If your metrics are, or are expected to be, a problem, this probably means your block rate is too low or that you’re not blocking the right people. You’ll have to think about a strategy of preventing more fraud. But keep in mind that there’s always a tradeoff between risk aversion and growth. Being aware of the company’s current goals will help you match your fraud appetite with it, and implement this into thresholds.
  
  

• Make sure to check what your acquirers’ terms and conditions say about chargeback ratios and who picks up the bills. This is a good starting point to managing your expectations.
  
  

• Importantly, make sure your acquirer sends you all your chargebacks, so you are aware of how many you have and what fraud you might be missing. Transparency is key to prevent becoming part of the VAMP program, especially for disputes where the issuer takes liability.
  
  

• Ask your acquirer if they are planning any changes due to Visa VAMP updates. Consider a switch if the answer is not to your liking – the earlier you start, the more time you will have to make the switch smoother.
  
  

• Are you using a fraud prevention tool, and if so, is it standalone or via your acquirer? Ask your teams whether it will continue to support your needs with these changes, and how: Will the providers be addressing tweaks to the settings or will you need to make them? Would you be able to support this or do you need external help?
  
  

• Consider 3D Secure. There is a strong case for good fraud prevention no matter who you are. And 3DS is one way to do that – and in some cases, it might be the simpler solution. Is it more beneficial for you to address your ratios through fraud prevention or through 3DS?
  
  

• This is a good time to evaluate how you’re counting the cost of chargebacks and setting your fraud thresholds. Doing so correctly can not just make your company compliant with card schemes’ expectations but also save you a lot of money.
  
  

Which transactions qualify for VAMP?

For purposes of calculating the new VAMP rates and enumeration rates, only card-not-present (CNP) transactions, domestic, and cross-border transactions are considered.

Non-fraud dispute condition codes 11 – Authorization, 12 – Processing Error and 13 – Customer Disputes are included in the calculation.

To be considered for VAMP, a merchant needs to have a minimum of 1000 combined fraud and non-fraud disputes each month, which are then used to calculate the VAMP ratio.

As we noted earlier, any disputes resolved through Visa’s tools such as Verifi and RDR are not taken into account.

Is this the time to sign up for Visa’s resolution and evidence tools?

Perhaps. This can depend on whether you’re only concerned about Visa’s ratios or other schemes too. However, if you do fraud prevention properly, then you are unlikely to have to worry about these ratios.

Because disputes going through Visa’s own resolution and evidence tools will be excluded from ratio calculations, this can be a tempting proposition for merchants and acquirers with worryingly high ratios.

One thing to remember is that tools such as RDR, Verifi CDRN and Compelling Evidence can be pretty costly.

More importantly, these types of tools and programs can either be card-scheme-specific or cross-scheme. If your Visa dispute rates are dangerously high, but you are consistently safe with Mastercard, American Express and the like, consider Visa’s solutions.

However, if you are seeing disputes and fraud associated with all types of cards rather than just Visa, a different, cross-scheme solution might be better. For example, Ethoca covers all card schemes and it can be integrated into Ravelin’s fraud prevention.

In other words, if you are specifically and solely trying to avoid getting on Visa’s programs and not on anyone else’s, then subscribing to these tools might be a good option. But if dispute rates and ratios across the board are a concern, consider going cross-scheme.

What if my dispute ratio is only high because I have few CNP transactions?

As previously was the case with Visa’s monitoring programs, so too the new VAMP will have a minimum number of transactions to calculate disputes and enumeration transactions against.

From April 1st, 2025, a minimum of 1000 disputes will apply to acquirer and merchant thresholds.

Therefore, smaller merchants who have fewer than 1000 disputes a month will not be taken into account for enrollment in the VAMP program – which is good news for those SMEs who may have worried about having to pay additional fees.

Why did Visa introduce an enumeration ratio?

The enumeration ratio was introduced because this type of attack never affected amount-based programs.

Visa is targeting card testing with the enumeration ratio, because as a card scheme, they arguably have more of a vested interest in preventing these types of attacks than merchants.

Enumeration attacks involve very small amounts of money, with the fraudster often using different online shops to test the card and to actually commit payment fraud with those cards that have been found to work. Because of this, merchants are not affected as badly, as they incur miniscule losses when they do – but trust in Visa still deteriorates for the legitimate cardholders.

In reality this is unlikely to be of relevance to most merchants that deploy fraud protection, as card testing attempts are relatively easy to detect and block.

What are the (new) fees for merchants on VAMP?

Fees and penalties imposed on merchants and acquirers on the VAMP program are now focused on enforcement rather than non-compliance. For merchants, it’s $10 per CNP per dispute (be it fraud or non-fraud). Visa noted that these fees are subject to change.

Also announced were the specific criteria for exactly when the fees apply, in addition to the new thresholds. For instance, there is a 3-month grace period for first-time identifications.

As previously, the worst case scenario for merchants on VAMP is that they can even lose their ability to accept payments with Visa cards. With Visa being the top card scheme worldwide, with roughly 39% of global transactions according to Capital One Shopping, it’s not a risk worth taking for most merchants.

So, why is Visa changing its dispute monitoring programs?

The reasoning provided by Visa includes “the rapidly evolving payments ecosystem, technological advancements in payment methods, and the potential for fraud, disputes and enumeration”.

As always, consumer confidence in card payments, and especially so card-not-present payments, is a key motivator for Visa. Payment fraud is on the rise, with 69% of merchants reporting an increase in the past year.

In practical terms, Visa is simplifying and rationalizing its dispute monitoring programs, but also incentivizing merchants to make use of Visa’s proprietary tools, such as Verifi and add-ons.

How does the new VAMP work for acquirers?

Any discussion of the effect of this change on acquirers has to consider first that the program starts in the European continent, where most acquirers are already monitoring and reporting because of PSD2 requirements.

Therefore, it’s only high-risk specialty acquirers who might need to reconsider their strategy, such as those dealing with online gambling or certain financial products.

At the same time, Visa seems to be shifting the focus further on acquirers. They will be impacted the most, and are expected to be proactive in managing their overall ratios and to work more closely with their merchants.

In terms of the rest of the world, it seems that Visa is testing the waters with its European deployment, both in terms of practical adoption and of reactions. It remains to be seen whether the changes will be implemented as-is to the US and elsewhere, or be adapted and reconsidered.

What are the new Visa VAMP thresholds for acquirers?

Note that the new thresholds for acquirers are also different to merchants:

Between April 1 and December 31, 2025, it will be 0.5% for “above standard”. Then, from 1 January 2026, 0.5% and over will be “excessive”, with 0.3% to 0.5% defined as “above standard”.

This means that just 0.3% will be sufficient to designate an acquirer as having “above standard” VAMP dispute rates – down to one-third of the current 0.9%.

If an acquirer exceeds the threshold, a fee of $5 (for above standard) or $10 (for excessive) will apply to each dispute for all the merchants on the acquirer’s portfolio.

How can acquirers be proactive?

There are also actionable steps for acquirers to be better prepared for when these changes kick in:

• Assess the impact on your merchants. Look at existing ratios with your merchants, and calculate whether they would be in trouble with the new metrics. Also think about your ideal customer profile: Even if your current merchants are in the clear, are the sectors and industries you work with likely to incur more chargebacks? Are they a traditional target of enumeration attacks?

• Look into your anti-fraud and supporting infrastructure. Depending on your situation, you might want to consider better fraud prevention tools. This is an investment that could help in the long run.
  
  

• Reach out to the various providers of your payments, fraud and dispute support stack. Ask them what specific steps they are taking to address the changes, and make sure you can support any changes they are asking you to make.
  
  

• Ask yourself, "Am I giving my merchants all the information they need?" For example, some acquirers tend not to give merchants dispute data when the liability has shifted to the acquirer. However, for purposes of dispute ratio calculation, these disputes are still linked to the merchant and affect the ratio. Sharing the right data with your merchants not only helps them stay off the VAMP program but can help them understand their payments landscape better.
  
  

• Consider customer experience. Think: If my merchants end up on this program, how can I support them? Will your merchants be happy with the way you are responding to their needs, from a technical perspective and customer support?

In summary

Visa’s changes to the VAMP and other dispute monitoring and resolution programs follow three main trends:

1. They simplify and consolidate monitoring for merchants

2. They shift the focus to large transaction volumes – and from smaller merchants to acquirers

3. They promote proactiveness, with a focus on Visa’s own tools

Looking at the announced updates and assuming there are no changes to them before they come into play, merchants are advised to speak to their fraud prevention and payments partner to assess how the changes are likely to affect them.

Providers who are proactive in supporting merchants with investigations and optimization will likely bring this to the table themselves, to help safeguard your revenue and growth.

If you don’t yet have a trusted partner to discuss how changes to chargeback ratios and Visa’s thresholds could affect your bottom line and standing with Visa and other card schemes, book a call with the Ravelin team.

Further reading

• How are you counting the cost of chargebacks?

• Refund vs chargeback: Why it pays to know the difference

• The false promise of chargeback guarantee models in fraud detection

• Video on demand: Exemptions optimization under PSD2

• Podcast: Chargebacks 101 with Monica Eaton-Cardone

• PSD2 and PSPs: Understanding how fraud rate exemptions deliver competitive advantage

• What do PSD3 and PSR mean for your business?

• 3DS Server & SDKs