hexagonshexagons
Blog / Fraud detection and prevention

Fraud-to-Sales Ratio: Everything You Need to Know

Morgan Ackley | Friday, May 12th, 2023 | 16 minutes

Every merchant is at risk for fraud. And it can happen at any time for a variety of reasons. Regardless, all fraud claims can negatively affect your fraud-to-sales ratio — which comes with a host of problems.

In this guide, we’ll help you understand what a fraud-to-sales ratio is and how to manage it.

  • What is a Fraud-to-Sales Ratio?
  • Why Does Your Fraud Ratio Matter?
  • What are Fraud Monitoring Programs?
  • Best Practices to Prevent Fraud

What is a Fraud-to-Sales Ratio?

A fraud-to-sales ratio measures the number of fraudulent transactions you process in a given month against your monthly sales volume. If you process a transaction and the cardholder later claims it was unauthorized, your fraud-to-sales ratio will be impacted.

Each card brand has a different method of calculating the ratio.

Visa® fraud ratio

Visa’s ratio compares the amount or value of total transactions to the amount of transactions classified as fraud.

The Visa fraud-to-sales ratio is calculated in the following way:

Visa fraud ratio

Here is a real-life example:

Visa fraud ratio example

Mastercard® fraud ratio

Mastercard’s calculation differs in a couple ways. First, Mastercard considers transaction volume — not amount. And, the calculation compares the current month to the previous month.

Here’s Mastercard’s calculation:

Mastercard fraud ratio

And here’s a real-life example:

Mastercard fraud ratio example

Only brand-specific transactions are included in the calculations. For example, fraud claims made on Visa transactions will only count towards the Visa fraud threshold.

Which Types of Fraud Are Included in the Fraud Ratio Calculation?

There are two types of fraud that are factored into the fraud-to-sales ratio: criminal fraud and friendly fraud.

Criminal fraud occurs when a fraudster uses a payment card or account information to make an unauthorized purchase.

Friendly fraud happens when a customer makes a purchase and later disputes it with their bank — most likely because they forgot about the purchase or don’t recognize it on their bank statement.

Unfortunately, it's difficult to know which type of fraud you’re dealing with because there isn’t a friendly fraud reason code — it's just fraud. If a cardholder claims a transaction is unauthorized, banks will typically file a chargeback. They won't usually tell the customer no just because they suspect friendly fraud. Therefore, all fraud claims — valid and invalid — are included in the ratio.

Why Does Your Fraud Ratio Matter?

Each card brand sets its own fraud-to-sales ratio threshold or limit. And acquiring banks have to monitor merchants for thresholds violations — along with other risk metrics.

That’s because card brands and banks want to know if your business poses a risk to theirs. They don't want to work with merchants that could potentially cause them to lose money or damage their reputation. So they monitor metrics to gauge risk levels. If your risk levels get too high, banks can close your accounts.

NOTE: The fewer transactions you process with a card brand, the easier it is to breach that card brand’s thresholds. For example, if you only process five Visa transactions in a month and one of those is fraudulent, you could go over the threshold limits.

But before closing an account, the bank will usually give you a chance to improve your fraud problems. One of the ways they do this is by enrolling you in a fraud monitoring program.

What are Fraud Monitoring Programs?

Fraud monitoring programs are used by card brands to penalize merchants who breach risk thresholds — similar to chargeback monitoring programs. These programs are meant to help you better manage fraud.

Programs typically require you to provide a detailed remediation plan outlining your strategy for reducing your fraud ratio. And that may include submitting monthly progress reports.

A WORD OF WARNING: If you remain in a monitoring program for more than 12 months, your acquirer is required to close your merchant account and terminate payment processing privileges. However, your acquirer will likely want to minimize potential risk and close your account sooner than the 12-month deadline.

Visa Fraud Monitoring Program

The Visa Fraud Monitoring Program (VFMP) consists of four classification types. Each month you breach both thresholds (or get close to violating them), you could be flagged as one of the following:

CLASSIFICATION TYPE

FRAUD AMOUNT THRESHOLD

FRAUD RATIO THRESHOLD

Early warning$50,0000.65%
Standard$75,0000.9%
High-risk$250,0001.8%
Excessive$75,0000.9%

The early warning threshold is not an actual violation. It’s an alert that your merchant account is getting close to the violation — which starts at the standard threshold.

A NOTE FOR U.S. MERCHANTS: If you use 3D Secure 2.0, there are additional metrics used to measure your risk and different threshold limits. Talk with your payment processor about those metrics and risks to see if the chargeback prevention tool is a good fit for your business.

Violation statuses

Visa has three violation statuses that determine when fines and penalties are issued. Those statuses are:

  • Notification: During the first month that your account is in the standard threshold, you will be notified. Visa does not issue any fines during this stage (but your processor might).
  • Workout: In the months following the Notification status, Visa gives you time to fix the fraud issues and your account is moved to the workout status. Again, Visa won’t issue fines during this stage — but your processor probably will.
  • Enforcement: If you do not fix the fraud issues, your account moves to the enforcement stage. During the first month and any subsequent months that your account meets the standard threshold or higher, Visa will issue fines and penalties.

NOTE: The notification and workout statuses are only applicable to merchants classified in a standard program. If you are classified as high-risk or excessive, you’ll immediately be fee-eligible. There is no grace period.

Fines

The fines and penalties you owe will depend on your program classification — standard, high-risk, or excessive. Fines start much earlier if you are classified as high-risk or excessive.

Regardless of the classification, the longer you are in the program, the more you’ll pay in fines. Costs usually range from $10,000 USD to $75,000 USD per month.

NOTE: It’s important to note how program monitoring fees are charged. Unlike a chargeback fee — which is a per-instance cost — monitoring program fines are issued in one large, lump-sum amount each month.

And it’s pretty rare to be enrolled in a monitoring program for one card brand but not the other. If you are consistently breaching Visa’s thresholds, you will probably also go over Mastercard’s limits. Therefore, you could receive fines from both card brands.

Don’t let these high-dollar expenses catch you off guard.

How to get out of the VFMP

Inclusion in the VFMP isn’t meant to be permanent. Visa intends for merchants enrolled in the VFMP to improve fraud prevention strategies and decrease their fraud-to-sales ratio to an acceptable level.

To exit the VFMP, your merchant account has to be below the standard threshold for three consecutive months. If you breach the threshold again — during month two, for example — you will have to start over.

Mastercard Excessive Fraud Merchant Program

The Mastercard Excessive Fraud Merchant (EFM) Program is designed to reduce fraud associated with card-not-present transactions.

Merchants are enrolled in the Mastercard EFM Program if all of the following criteria are met:

VOLUME REQUIREMENTAMOUNT THRESHOLDRATIO THRESHOLD
At least 1,000 Mastercard transactions in the previous month$50,000 (USD/EUR) or more in fraud-related chargebacks0.50% or higher fraud-to-sales ratio

NOTE: Enrollment criteria differs for Australian-based merchants. If you operate a business in Australia, your ratio must be below 0.2% and your fraud-chargeback amount below $15,000 USD.

If you use 3D Secure, there are additional thresholds to consider. These vary based on whether or not your country has legal or regulatory requirements for strong cardholder authentication.

Fines

Mastercard assesses fines for merchants enrolled in the EFM Program based on the time spent within the program.

The first month is a grace period — Mastercard doesn’t charge a fine. However, your processor might.

After the first month in the program, fines are issued monthly. Amounts can range from $500 (or €500) to $100,000 (or €100,000) or more.

How to get out of the Mastercard EFM Program

To exit the program, your merchant account must be below EFM program thresholds for 3 consecutive months.

And because you have to meet all criteria to be placed in the program, if either the fraud amount or ratio is less than the threshold limit, your account is considered compliant for that month.

Discover and American Express Fraud Monitoring Programs

Discover and American Express do not provide any public-facing information about fraud monitoring programs, terms, or fines.

We recommend you contact your acquirer to discuss thresholds and expectations for these card brands. If you are a Kount customer, contact your account manager for guidance.

Fraud Monitoring Program Reason Codes

Under normal circumstances, you can respond to chargebacks using compelling evidence and supporting documents. However, once you are enrolled in a fraud monitoring program, your response options are severely restricted.

The only way you can fight fraud-coded chargebacks while in a monitoring program is if:

  • The customer no longer wants to dispute the purchase.
  • A refund was issued before the dispute.
  • A prior dispute on the transaction was already accepted.

A WORD OF WARNING: Because it’s so difficult to fight a fraud-related chargeback, prevention and mitigation is your best option for protecting your revenue and keeping a low fraud-to-sales ratio.

Additionally, if you are enrolled in a monitoring program, Visa and American Express will no longer send the standard fraud codes. Instead, chargebacks will be sent with a specific code indicating program enrollment.

For example, the typical dispute reason code for Visa is 10.4. But once you are in a monitoring program, that reason code is 10.5.

The following are the various card brands' fraud reason codes:

  • Visa Reason Code 10.5 - Visa Fraud Monitoring Program
  • Mastercard Reason Code 4837 - No Cardholder Authorization
  • Mastercard Reason Code 4849 - Questionable Merchant Activity
  • Discover Reason Code UA01 - Fraud: Card Present Transaction
  • Discover Reason Code UA02 - Fraud: Card Not Present Transaction
  • Discover Reason Code UA05 - Fraud: Chip Card Counterfeit Transaction
  • Discover Reason Code UA06 - Fraud: Chip and PIN Transaction
  • American Express Reason Code FR2 - Fraud Full Recourse Program
  • American Express Reason Code FR4 - Immediate Chargeback Program
  • American Express Reason Code FR6 - Partial Immediate Chargeback Program

NOTE: If you receive one of the above chargeback reason codes and aren’t aware of being in a fraud monitoring program, contact your payment processor or acquirer immediately for a copy of your violation letter.

Keep in mind, too, that you are automatically liable for the above reason codes for one year or within the timeline outlined in your violation letter.

Best Practices to Prevent Fraud

Prioritize fraud prevention by learning and implementing best practices, strategies, and tools that reduce the likelihood of fraud taking place. That way you can avoid monitoring programs altogether.

Use identity verification tools

Your processor offers various identity verification tools that can help you maintain a low fraud ratio.

These identity verification tools help to verify a cardholder’s identity during a card-not-present transaction. These tools compare information provided during checkout to the information on file with the card issuer.

If the information provided matches what’s on file with the issuer, there’s a strong probability the shopper is actually the cardholder. A mismatch could indicate unauthorized activity.

If you haven’t already, contact your payment processor to add the following tools to your fraud management strategy:

  • Address Verification Service (AVS) compares a cardholder’s billing address at the time of checkout to the billing address on file with the issuer. Based on the information provided, the service returns a response code that indicates if a transaction should be approved or declined.
  • Card Security Code (CVC2, CVV2, CID) requires a shopper to input the three- or four-digit code printed on the payment card during checkout. This code is sent to the issuer for review. Mismatched card security codes can indicate that the shopper doesn’t have the physical card and may be using stolen cardholder information to conduct a fraudulent transaction.

You can also use identity verification solutions from Kount Identity to prevent suspicious account sign-ups and give you better insights about the customers interacting with your business.

Understand the red flags for fraud.

Fraudsters typically follow similar patterns when conducting unauthorized transactions. Recognizing these red flags can help you avoid a hit to your fraud-to-sales ratio. Look for transactions that represent a high risk to your business, such as:

  • Shopping for the first time
  • Buying high-priced merchandise
  • Placing larger-than-normal orders or buying multiple copies of the same item
  • Using the same shipping address for different orders, or making multiple purchases with the same card but shipping to different addresses
  • Using multiple payment cards to complete a single order
  • Re-trying an order with a smaller amount after a first attempt is declined
  • Choosing express shipping
  • Shipping to a freight forwarding service
  • Shopping from an IP address that doesn’t match the shipping or billing location
  • Using obviously fake information
  • Using an email address that doesn’t match the shopper’s name
  • Receiving an approval after multiple declines

It can be difficult to detect these warning signs and know how to respond. If you’d like easier and more accurate fraud detection with instant decisioning, consider using fraud detection technology. Kount offers the industry's best fraud detection and prevention software.

Develop a holistic risk management strategy.

The decisions you make and the tools you implement can have significant impacts on your fraud-to-sales ratio. The reality is you can’t just use one solution to address fraud — you need to use a variety of tools and resources to make sure you’re fully covered.

Create a multi-layer strategy with different tools and techniques that compliment each other. That way, when there is a shortcoming in one area, other layers are in place to cover any gaps.

Visa’s CE 3.0 initiative.

Under Visa’s new CE 3.0 initiative, if you provide compelling evidence that disproves a fraud claim, the impact to your fraud-to-sales ratio will be reversed.

This works by comparing past transaction data to the disputed transaction. If there is a data match (such as IP address and device fingerprint) between at least two previously undisputed transactions and the current dispute, the fraud case is overturned.

Rapid Dispute Resolution.

Rapid dispute resolution (RDR) is a chargeback prevention tool that resolves disputes by initiating refunds for certain disputed transactions.

This helps control and limit your chargeback-to-transaction ratio. However, it doesn’t protect your fraud ratio. Therefore, you’ll want to supplement this tool with something like Visa CE 3.0.

3D Secure 2.0.

3D Secure 2.0 is an effective tool for combating chargebacks. Transactions that are fully authenticated with 3DS2 prevent issuers from initiating chargebacks for any resulting payment disputes.

However, fraud claims made against you still count against your fraud-to-sales ratio, so again, you’ll need to supplement this tool with another resource.

Chargeback insurance and guarantees

Chargeback insurance — also called a chargeback guarantee — reimburses you for certain fraud-related chargebacks. However, recovering revenue doesn't reverse the damage done to your fraud ratio or chargeback ratio.

A better option is to focus on true fraud prevention. Not only will this have the biggest impact on risk overall, it’s also the most cost-effective.

Analyze your fraud data.

Figuring out why chargebacks are happening might seem impossible. But if you analyze your data, you can identify problems at their source and fix them before they escalate.

For example, data can uncover fraud schemes like card testing. It can also reveal countries that are high-risk for fraud or identify marketing sources that attract fraudsters.

Without data, you’re just guessing about the root cause of your fraud problems. Data gives you clarity — making it easier to stop fraud when it gets out of hand.

Use fraud detection technology.

Managing fraud is an essential part of growing a business. But it can also be a time-consuming, error-prone process if you use the wrong technique.

To get the best results in the most efficient way possible, you need to use technology. And Kount can help.

Kount offers a complete approach to managing fraud — chargeback prevention, payment protection, identity verification, and fraud detection. Essentially, Kount does all the hard work for you so you don’t even have to worry about fraud, chargebacks, or monitoring programs.

If your fraud ratio is becoming a concern or you’ve recently been enrolled in a monitoring program, reach out to our team of experts. We’ll help you create a strategy with both quick wins and long-term protection so you can have complete confidence now and in the future.

Schedule a call with Kount

Related content

See more related content
Related Blog Post
Buy Now, Pay Later: BNPL Risk Management Is Essential
Are you a buy now, pay later service provider? If so, you need to be aware of these BNPL risks -- and know how to manage them. Click here to learn more.
Related Blog Post
Big opportunities, bigger risks in booming health and beauty market
It’s an exciting time for health and beauty merchants, but they need to know these top fraud issues affecting the market, as the space grows.
Related Blog Post
Precision & Recall: When Conventional Fraud Metrics Fall Short
A lot of businesses turn to conventional fraud metrics to set that all-important approval-decline threshold. But a one-size-fits-all approach is not always the most profitable. Let’s look at how a…
Related Blog Post
Why Promo Abuse Fraud Hurts and How to Prevent It
If you aren't accounting for promo abuse, you may experience significant financial losses from decreases in sales and user retention. Find out how to respond.
Related News
Understanding Customers is More Important Than Ever
Dilip Singh discusses the value of using data science to better understand your consumers. Learn how the data you're collecting can lead to consumer insights.
Related Blog Post
What Is Chargeback Insurance?
Chargeback insurance sounds great at first. See what a chargeback guarantee actually covers and find a better way to stop loss from fraudulent transactions.
Related Guide
7 Fraud Schemes Targeting Restaurants and QSRs
Online ordering and delivery services are great ways to boost revenue for QSRs, but some of those sales are likely from restaurant fraudsters.
Related News
Equifax and VTEX Join Forces with Strategic Partnership
Equifax has joined forces with VTEX to enable customers on the VTEX platform to seamlessly integrate with the Kount Payment Fraud solution.
Related Page
Fraud Detection Software
Kount offers the most accurate risk assessments possible. Our fraud detection software uses machine learning to identify more fraud with fewer false positives.
Related News
Adam Gunther feature on The Future of Identity Podcast
In this Future of Identity podcast episode, Adam talks about his journey in the identity space and tactical factors needed for reusable identity adoption.
Related Blog Post
SAFE & TC40 Data: 6 Things You Need to Know
What is TC40 data? How is SAFE data used? Learn more about fraud reporting and how this data can impact chargeback management.
Related News
Fireside Chat on Post-Transaction Fraud
In this PYMNTS.com interview, Robert Painter talks Visa's CE 3.0 key takeaways and the best strategies for merchants to protect against post-transaction fraud.
Related Guide
7 Features to Look For When Buying Fraud Technology for Restaurants
It’s important to find fraud protection technology from a provider that truly understands the challenges facing restaurants today.
Related Analyst report
Liminal Names Kount an Industry Leader in Ecommerce Fraud Prevention
Liminal Strategy recently conducted a report analyzing the top 50 ecommerce vendors. Find out here why Kount was named a leading provider in the space.
Related Blog Post
21% of online gamers have been hacked in the last year (infographic)
Lack of account security could prompt gamers to dispute purchases or quit playing games indefinitely, causing revenue loss for game companies.
Related Blog Post
Elder Financial Exploitation: What Businesses Need to Know
Your business can become a conduit for elder financial abuse. And that could damage your reputation. Learn how to identify and prevent it.
Related Blog Post
Why Restaurants are Experiencing an Increase in Fraud
Restaurants and QSRs have experienced a massive shift in customer buying behaviors – which has brought a lot of new fraud threats. Learn more here.
Related Blog Post
Shopify Fraud Prevention: The Complete Guide to Managing Risk
Is fraud an issue for your business? Check our Shopify fraud guide. We have tips, tricks, and technology suggestions that will offer maximum protection.
Related Blog Post
Building vs. Buying a Fraud Solution: The Costs and Benefits
Wondering if it’s better to buy a pre-built fraud solution or build your own? Check out this blog to figure out which path is right for you.
Related Blog Post
Digital Wallet Fraud: Protect Your Business From Evolving Risks
Digital wallet payments are on the rise, and so are the risks to merchants. Find out how to protect your business from threats that come with new payment types.
Related Blog Post
Egift Card Fraud Prevention: The Complete Guide
Egift card fraud can drain revenue and frustrate customers. Check this guide to learn everything you need to know about how it happens and ways to prevent it.
Related Blog Post
Machine Learning Fraud Detection and Prevention Guide
Using machine learning fraud detection can improve business processes and increase revenue. Read more in our detailed guide.
Related Blog Post
iGaming Fraud Prevention: How to Mitigate Risks and Stay Profitable
iGaming has become hugely popular. And so have the associated fraud risks. Protect your games, your players, and your business.
Related Blog Post
How to Detect and Prevent Social Engineering Attacks
Ever heard of social engineering? It’s the newest threat to your business. Find out what it is, how to detect it, and ways to protect your company.
Related Blog Post
30 Telltale Signs of Fraud: How to Recognize High-Risk Orders
What are the most common signs of fraud? How can you tell the difference between good and bad orders? Here are 30 red flags to look for.
Related Blog Post
Mastercard Fraud Monitoring Program: What to Do When You Get Enrolled
Are you enrolled in Mastercard’s fraud monitoring program? We’ll walk you through everything you need to know about the program and how to exit in this guide.
Related Blog Post
Refund Fraud: What It Is and How to Stop It
Refunding fraud is unfairly stealing your revenue. Find out how to stop online return fraud scams and protect your business.
Related Blog Post
Card Testing Fraud: Prevent Big Loss From Small Purchases
Card testing fraud can steal revenue and expose your business to other harmful threats. Stop carding before it impacts you. Click here to learn how.
Related Blog Post
What is 3D Secure 2.0?
Is your business ready for 3DS 2.0? To learn about the latest update to 3D Secure and its advantages, read this complete guide from Kount.
Related Blog Post
Fraud Detection Rules: What They Are & How They Impact Outcomes
Shopping for a fraud prevention vendor? The topic of fraud detection rules will probably come up. Here's what to know - and how to evaluate a solution provider.

AUTHOR

Morgan Ackley

Content Strategist

Morgan has worked in the tech industry for over 5 years. Her breadth of knowledge and curiosity about technology and all things fraud-related drive her to craft compelling, educational pieces for readers seeking answers.